The IESG has approved the following document: - 'Message Queuing Telemetry Transport (MQTT)-TLS profile of Authentication and Authorization for Constrained Environments (ACE) Framework' (draft-ietf-ace-mqtt-tls-profile-17.txt) as Proposed Standard
This document is the product of the Authentication and Authorization for Constrained Environments Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/ Technical Summary This document specifies a profile for the ACE (Authentication and Authorization for Constrained Environments) framework to enable authorization in an Message Queuing Telemetry Transport (MQTT)-based publish-subscribe messaging system. Proof-of-possession keys, bound to OAuth2.0 access tokens, are used to authenticate and authorize MQTT Clients. The protocol relies on TLS for confidentiality and MQTT server (broker) authentication. Working Group Summary This document had an uneventful journey through the WG, gathering feedback over multiple review cycles, with progress being driven by understanding and resolving potential issues and no major points of controversy. Document Quality There are at least two known implementations: * Implementation using the HiveMQ CE is a Java-based open source MQTT broker that fully supports MQTT 3.x and MQTT 5. https://github.com/michaelg9/HiveACEclient The Media-Type registration was sent to the media-types list for review at https://mailarchive.ietf.org/arch/msg/media-types/85kGXBBKaWqIoCSU5k7GrE5FRWw/ though no comments were received. Personnel Daniel Migault is the Document Shepherd. Benjamin Kaduk is the Responsible AD. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
