A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : Notification of Revoked Access Tokens in the
Authentication and Authorization for Constrained Environments (ACE) Framework
Authors : Marco Tiloca
Ludwig Seitz
Francesca Palombini
Sebastian Echeverria
Grace Lewis
Filename : draft-ietf-ace-revoked-token-notification-01.txt
Pages : 39
Date : 2022-03-07
Abstract:
This document specifies a method of the Authentication and
Authorization for Constrained Environments (ACE) framework, which
allows an Authorization Server to notify Clients and Resource Servers
(i.e., registered devices) about revoked Access Tokens. The method
allows Clients and Resource Servers to access a Token Revocation List
on the Authorization Server, with the possible additional use of
resource observation for the Constrained Application Protocol (CoAP).
Resulting (unsolicited) notifications of revoked Access Tokens
complement alternative approaches such as token introspection, while
not requiring additional endpoints on Clients and Resource Servers.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-revoked-token-notification-01.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-revoked-token-notification-01
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
