[Ace] Last Call: (OSCORE profile of the Authentication and Authorization for Constrained Environments Framework) to Proposed Standard
The IESG has received a request from the Authentication and Authorization for Constrained Environments WG (ace) to consider the following document: - 'OSCORE profile of the Authentication and Authorization for Constrained Environments Framework' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-c...@ietf.org mailing lists by 2020-07-20. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo specifies a profile for the Authentication and Authorization for Constrained Environments (ACE) framework. It utilizes Object Security for Constrained RESTful Environments (OSCORE) to provide communication security, server authentication, and proof-of-possession for a key owned by the client and bound to an OAuth 2.0 access token. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/ No IPR declarations have been submitted directly on this I-D. ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
[Ace] Last Call: (Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE)) to Proposed Standard
The IESG has received a request from the Authentication and Authorization for Constrained Environments WG (ace) to consider the following document: - 'Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE)' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-c...@ietf.org mailing lists by 2020-07-20. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This specification defines a profile of the ACE framework that allows constrained servers to delegate client authentication and authorization. The protocol relies on DTLS version 1.2 for communication security between entities in a constrained network using either raw public keys or pre-shared keys. A resource- constrained server can use this protocol to delegate management of authorization information to a trusted host with less severe limitations regarding processing power and memory. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-ace-dtls-authorize/ The following IPR Declarations may be related to this I-D: https://datatracker.ietf.org/ipr/3112/ ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
Re: [Ace] I-D Action: draft-ietf-ace-dtls-authorize-12.txt
Dear ACE mailing list, we have submitted version -12 of the DTLS profile for ACE, addressing the latest review comments from Ben, Jim, and Carsten (see discussion thread on this mailing list). Grüße Olaf internet-dra...@ietf.org writes: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Authentication and Authorization for > Constrained Environments WG of the IETF. > > Title : Datagram Transport Layer Security (DTLS) Profile > for Authentication and Authorization for Constrained Environments (ACE) > Authors : Stefanie Gerdes > Olaf Bergmann > Carsten Bormann > Göran Selander > Ludwig Seitz > Filename: draft-ietf-ace-dtls-authorize-12.txt > Pages : 27 > Date: 2020-07-06 > > Abstract: >This specification defines a profile of the ACE framework that allows >constrained servers to delegate client authentication and >authorization. The protocol relies on DTLS version 1.2 for >communication security between entities in a constrained network >using either raw public keys or pre-shared keys. A resource- >constrained server can use this protocol to delegate management of >authorization information to a trusted host with less severe >limitations regarding processing power and memory. > ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
[Ace] I-D Action: draft-ietf-ace-dtls-authorize-12.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE) Authors : Stefanie Gerdes Olaf Bergmann Carsten Bormann Göran Selander Ludwig Seitz Filename: draft-ietf-ace-dtls-authorize-12.txt Pages : 27 Date: 2020-07-06 Abstract: This specification defines a profile of the ACE framework that allows constrained servers to delegate client authentication and authorization. The protocol relies on DTLS version 1.2 for communication security between entities in a constrained network using either raw public keys or pre-shared keys. A resource- constrained server can use this protocol to delegate management of authorization information to a trusted host with less severe limitations regarding processing power and memory. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-dtls-authorize/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-ace-dtls-authorize-12 https://datatracker.ietf.org/doc/html/draft-ietf-ace-dtls-authorize-12 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-dtls-authorize-12 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace