{"draft":"draft-halen-fedae-03","doc_id":"RFC9932","title":"Mutually Authenticating TLS in the Context of Federations","authors":["S. Hal\u00e9n","J. Schlyter"],"format":["HTML","TEXT","PDF","XML"],"page_count":"30","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"INDEPENDENT","abstract":"This Informational Independent Submission to the RFC Series describes\r\na means to use TLS 1.3 to perform machine-to-machine mutual\r\nauthentication within federations. This memo is not a standard. It\r\ndoes not modify the TLS protocol in any way, nor does it require\r\nchanges to common TLS libraries. TLS is specified and standardized by\r\nthe IETF's TLS Working Group.\r\n\r\nThe framework enables interoperable trust management for federated\r\nmachine-to-machine communication. It introduces a centrally managed\r\ntrust anchor and a controlled metadata publication process, ensuring\r\nthat only authorized members are identifiable within the federation.\r\nThese mechanisms support unambiguous entity identification and reduce\r\nthe risk of impersonation, promoting secure and policy-aligned\r\ninteraction across organizational boundaries.","pub_date":"April 2026","keywords":["machine-to-machine","trust framework","mutual TLS","mTLS","public key pinning","SPKI","federation metadata","federation"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9932","errata_url":null}