[Ace] Using OAuth and ACE-OAuth with MQTT

Hannes, This is going to be a long email and I hope that I do not get too many things wrong in the process of getting it written up. So the question that you raised is can the current MQTT profile use the existing OAuth and ACE-OAuth protocols. My assertion is that the answer is yes and I will

Re: [Ace] remarks on draft-tiloca-ace-oscore-gm-admin-00

Hi Jim, Thanks a lot for this review! We have taken it into account in the latest submitted -01, together with the followup discussion on the same thread on the list. https://tools.ietf.org/html/draft-tiloca-ace-oscore-gm-admin-01 Please, see some replies inline. Best, /Marco On 2019-11-20

[Ace] Fwd: New Version Notification for draft-tiloca-ace-oscore-gm-admin-01.txt

Hello ACE, We have submitted an updated version of draft-tiloca-ace-oscore-gm-admin https://tools.ietf.org/html/draft-tiloca-ace-oscore-gm-admin-01 The document describes a RESTful interface on the OSCORE Group Manager (resource server), intended for an Administrator (client) to create and

[Ace] Fwd: New Version Notification for draft-tiloca-ace-group-oscore-profile-02.txt

Hello ACE, We have submitted a major updated version of draft-tiloca-ace-group-oscore-profile https://tools.ietf.org/html/draft-tiloca-ace-group-oscore-profile-02 The document describes a profile of ACE where client and server communicate with Group OSCORE. This supports fine-grained access

Re: [Ace] Review of draft-tiloca-ace-revoked-token-notification-00

Hi Travis, Thank you very much for your review! We have addressed it in the latest submitted version -01 https://tools.ietf.org/html/draft-tiloca-ace-revoked-token-notification-01 Please, see some detailed replies inline below. Best, /Marco On 2019-11-21 08:43, Travis Spencer wrote: > Hi All,

[Ace] [ace] Fwd: New Version Notification for draft-tiloca-ace-revoked-token-notification-01.txt

Hello ACE, We have submitted an updated version of draft-tiloca-ace-revoked-token-notification https://tools.ietf.org/html/draft-tiloca-ace-revoked-token-notification-01 The document describes how an Authorization Server can notify Clients and Resource Servers of revoked but yet not expired

Re: [Ace] Comments on the MQTT draft

> > > [CS] Yes. We opted for not keeping any state because that indeed had too > many problematic issues. One was, as I already mentioned, extra state kept > for a time determined by the client (session expiry) - which we thought > would cause trouble. There are some non-normative text in MQTT

Re: [Ace] I-D Action: draft-ietf-ace-oscore-profile-10.txt

Hi Ben, ace, These 2 updates (09 and 10) address almost all the AD review comments of v-08. V-09 covers the majority of them, as we discussed in this thread: https://mailarchive.ietf.org/arch/msg/ace/rgVfs3dzcWQnNlXn331DdpQfwwQ/ and listed in this issue: