"OAuth2 is an authorization framework being used as a hardware authentication protocol. " - what I assume would be an application layer protocol being used at the logical layer. This looks like a kluge. [EDIT]: As I read further, I realized the draft, as you present it, should be DOA. The only concerns the draft seems to address are

(1) increasing the upper limit on N of connected devices

(2) Condensing several points of failure in several independent services into one, big service without with the entire network is unusable

(3) The real goal, centralized accounting, censorship and blocking. This will be all the rage in China, North Korea, Iran, etc. .

Notably, no organization I work at has had any of the following issues in my career at 3 different orgs with internet presence, despite never encountering IPv6 on anything other than the output from "ipconfig" or "ifconfig":

(a) Has ever run out of IP addresses to use on a network segment.

(b) Has ever run out of public IP address

(c) Was ever denied additional addresses when requested from allocation (it's been a few years since I was responsible for this, though).

I rather like that lack of address space will limit connected device growth.

The lack of separation of concerns smacks of something/someone who hasn't been bitten by a single point of failure yet. It's got a quaint naiveté in that regard. I suspect LLMs may have had a large hand in writing the draft.

Pro opinion as an architect closely aligns with yours. I'm not sure what the benefits are beyond making it easy for admins to ID and shut down devices. As folks say - "it's not a bug, it's a feature".