§45 · Lane 8 — Agent Infrastructure Standards & Toolchain
IETF RFC 9635 — GNAP
Richer, Imbault (2024) · RFC 9635
Bibliographic data
- Title
- IETF RFC 9635 — Grant Negotiation and Authorization Protocol (GNAP) (October 2024)
- Authors / Issuing body
- Justin Richer, Fabien Imbault
- Venue / Publisher
- Internet Engineering Task Force (IETF) / RFC Editor
- Year
- 2024
- Designation
- specification
- Licence
- DOI — refer to publisher for full licence terms.
- Canonical link
- https://doi.org/10.17487/RFC9635
How to cite
Richer, Imbault (2024). IETF RFC 9635 — Grant Negotiation and Authorization Protocol (GNAP) (October 2024). Internet Engineering Task Force (IETF) / RFC Editor. https://doi.org/10.17487/RFC9635.
IETF protocol defining a mechanism for delegating authorisation to a piece of software and conveying the resulting grant artifacts, covering API access and subject information. Published October 2024, Proposed Standard status, 187 pages.
Why it matters for NETEVO
GNAP is the IETF answer to the question OAuth 2.0 did not fully solve: how does a piece of software (an agent, a service, a delegated client) negotiate, obtain and exercise authorisation that is scoped to a specific task, time-bounded and revocable? RFC 9635 specifies the protocol-level mechanics. The Agent Infrastructure Whitepaper Dimension 1 (agent identity and scoping) is the architectural surface where GNAP applies directly.
The Authority Register coinage is in part a protocol-agnostic operational form of what GNAP specifies at the wire level. Where the Authority Register names what must be tracked about every delegated agent grant (identity, scope, expiry, revocation handle, audit trail), GNAP names how the wire protocol exchanges grant artifacts that carry that information. Citing GNAP underwrites the Authority Register with a published IETF specification rather than leaving it as an internal NETEVO construct.
RFC 9635 is a Proposed Standard, distinct from the two Internet-Drafts in this lane (§§46-47) which are mutable individual submissions. Cite the DOI for stability.
Where NETEVO applies this
- Agent Infrastructure Whitepaper — load-bearing — Dimension 1 (identity and scoping)