Hello ACE,
this update (together with an upcoming update of
draft-ietf-ace-oauth-authz) fixes the issues raised by Brian Campbell.
Please review the new section 7. (Requirements when using asymmetric
keys) to see if you agree with the reasoning proposed therein.
Regards,
Ludwig
On 2020-02-01 12:01, internet-dra...@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : Additional OAuth Parameters for Authorization in
Constrained Environments (ACE)
Author : Ludwig Seitz
Filename : draft-ietf-ace-oauth-params-12.txt
Pages : 11
Date : 2020-02-01
Abstract:
This specification defines new parameters and encodings for the OAuth
2.0 token and introspection endpoints when used with the framework
for authentication and authorization for constrained environments
(ACE). These are used to express the proof-of-possession key the
client wishes to use, the proof-of-possession key that the
Authorization Server has selected, and the key the Resource Server
uses to authenticate to the client.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ace-oauth-params-12
https://datatracker.ietf.org/doc/html/draft-ietf-ace-oauth-params-12
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-oauth-params-12
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
