Technical Summary
This document defines how to use the Authentication and Authorization
for Constrained Environments (ACE) framework to distribute keying
material and configuration parameters for secure group communication.
Candidate group members acting as Clients and authorized to join a
group can do so by interacting with a Key Distribution Center (KDC)
acting as Resource Server, from which they obtain the keying material
to communicate with other group members. While defining general
message formats as well as the interface and operations available at
the KDC, this document supports different approaches and protocols
for secure group communication. Therefore, details are delegated to
separate application profiles of this document, as specialized
instances that target a particular group communication approach and
define how communications in the group are protected. Compliance
requirements for such application profiles are also specified.
Working Group Summary
No controversies.
Document Quality
This draft in itself cannot be implemented. The API and message template
formats that it defines have to be instantiated by its profiles (such as
key-groupcomm-oscore), which can rather be implemented. The latest has been
implemented in the java ACE implementation for Californium
https://bitbucket.org/marco-tiloca-sics/ace-java/
Personnel
The Document Shepherd for this document is Daniel Migault. The
Responsible Area Director is Paul Wouters.