From c1119819b0a7905ab60fdd3af44b7ebce9238368 Mon Sep 17 00:00:00 2001 From: rohanharikr Date: Thu, 7 May 2026 17:08:59 +0100 Subject: [PATCH 1/2] Protocol: use agent_token in diagrams for consistency Diagram code blocks mixed "agent token" and "agent_token"; align on the underscored form used elsewhere in diagrams and in the bootstrap spec. Co-Authored-By: Claude Opus 4.7 (1M context) --- draft-hardt-oauth-aauth-protocol.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/draft-hardt-oauth-aauth-protocol.md b/draft-hardt-oauth-aauth-protocol.md index 9f2b360..c96670d 100644 --- a/draft-hardt-oauth-aauth-protocol.md +++ b/draft-hardt-oauth-aauth-protocol.md @@ -254,7 +254,7 @@ The agent signs requests with its agent token (#agent-tokens). The resource veri ~~~ ascii-art Agent Resource | | - | HTTPSig w/ agent token | + | HTTPSig w/ agent_token | |-------------------------------------------->| | | | 200 OK | @@ -269,7 +269,7 @@ The resource handles authorization itself — via interaction (#user-interaction ~~~ ascii-art Agent Resource | | - | HTTPSig w/ agent token | + | HTTPSig w/ agent_token | |-------------------------------------------->| | | | 202 (interaction required) | @@ -284,7 +284,7 @@ Agent Resource | AAuth-Access: opaque-token | |<--------------------------------------------| | | - | HTTPSig w/ agent token | + | HTTPSig w/ agent_token | | Authorization: AAuth opaque-token | |-------------------------------------------->| | | @@ -300,14 +300,14 @@ The resource has no separate access server — it accepts identity claims from w ~~~ ascii-art Agent Resource PS | | | - | HTTPSig w/ agent token | | + | HTTPSig w/ agent_token | | | POST authorization_endpoint | | |------------------------------------->| | | | | | resource_token (aud = PS URL) | | |<-------------------------------------| | | | | - | HTTPSig w/ agent token | | + | HTTPSig w/ agent_token | | | POST token_endpoint | | | w/ resource_token | | |-------------------------------------------------->| @@ -331,14 +331,14 @@ The resource has its own access server. The resource issues a resource token (#r ~~~ ascii-art Agent Resource PS AS | | | | - | HTTPSig w/ agent token | | | + | HTTPSig w/ agent_token | | | | POST authorization_endpoint | | | |------------------------------------>| | | | | | | | resource_token (aud = AS URL) | | | |<------------------------------------| | | | | | | - | HTTPSig w/ agent token | | | + | HTTPSig w/ agent_token | | | | POST token_endpoint | | | | w/ resource_token | | | |-------------------------------------------->| | @@ -403,7 +403,7 @@ The agent proposes a mission at the PS. The PS and user may clarify and refine b ~~~ ascii-art Agent PS User | | | - | HTTPSig w/ agent token | | + | HTTPSig w/ agent_token | | | POST mission_endpoint | | | proposal | | |--------------------------------------->| | @@ -425,7 +425,7 @@ The agent includes the `AAuth-Mission` header when sending requests to resources ~~~ ascii-art Agent Resource | | - | HTTPSig w/ agent token | + | HTTPSig w/ agent_token | | AAuth-Mission: approver=...; s256=... | | POST authorization_endpoint | |-------------------------------------------->| @@ -443,7 +443,7 @@ When the agent believes the mission is complete, it proposes completion via the ~~~ ascii-art Agent PS User | | | - | HTTPSig w/ agent token | | + | HTTPSig w/ agent_token | | | POST interaction_endpoint | | | type=completion, summary | | |--------------------------------------->| | @@ -2616,7 +2616,7 @@ Agent Resource 1 Resource 2 PS |------------->| | | | | | | | | HTTPSig w/ | | - | | R1 agent token | | + | | R1 agent_token | | | | AAuth-Mission | | | |--------------->| | | | | | From 12b715d6187d33133a76da631e95aa75714f3873 Mon Sep 17 00:00:00 2001 From: rohanharikr Date: Thu, 7 May 2026 17:13:07 +0100 Subject: [PATCH 2/2] Protocol: use auth_token in diagrams for consistency MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Same diagram-consistency fix as the prior commit, applied to "auth token" → "auth_token" in the three-party, four-party, call-chaining, and interaction-chaining diagrams. Co-Authored-By: Claude Opus 4.7 (1M context) --- draft-hardt-oauth-aauth-protocol.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/draft-hardt-oauth-aauth-protocol.md b/draft-hardt-oauth-aauth-protocol.md index c96670d..6d3483d 100644 --- a/draft-hardt-oauth-aauth-protocol.md +++ b/draft-hardt-oauth-aauth-protocol.md @@ -315,7 +315,7 @@ Agent Resource PS | auth_token | | |<--------------------------------------------------| | | | - | HTTPSig w/ auth token | | + | HTTPSig w/ auth_token | | | GET /api/documents | | |------------------------------------->| | | | | @@ -354,7 +354,7 @@ Agent Resource PS AS | auth_token | | | |<--------------------------------------------| | | | | | - | HTTPSig w/ auth token | | | + | HTTPSig w/ auth_token | | | | GET /api/documents | | | |------------------------------------>| | | | | | | @@ -2612,7 +2612,7 @@ See (#call-chaining) for normative requirements. Resource 1 acts as an agent, se Agent Resource 1 Resource 2 PS | | | | | HTTPSig w/ | | | - | auth token | | | + | auth_token | | | |------------->| | | | | | | | | HTTPSig w/ | | @@ -2637,7 +2637,7 @@ Agent Resource 1 Resource 2 PS | |<---------------------------------| | | | | | | HTTPSig w/ | | - | | auth token | | + | | auth_token | | | |--------------->| | | | | | | | 200 OK | | @@ -2699,7 +2699,7 @@ User Agent Resource 1 Resource 2 PS | | gets auth_token] | | | | | | | | | | HTTPSig w/ | | - | | | auth token | | + | | | auth_token | | | | |-------------->| | | | | | | | | | 200 OK | |