Skip to main content

The Object Security for Constrained RESTful Environments (OSCORE) Profile of the Authentication and Authorization for Constrained Environments (ACE) Framework
draft-ietf-ace-oscore-profile-19

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, ace-chairs@ietf.org, ace@ietf.org, draft-ietf-ace-oscore-profile@ietf.org, kaduk@mit.edu, rfc-editor@rfc-editor.org
Subject: Protocol Action: 'OSCORE Profile of the Authentication and Authorization for Constrained Environments Framework' to Proposed Standard (draft-ietf-ace-oscore-profile-19.txt)

The IESG has approved the following document:
- 'OSCORE Profile of the Authentication and Authorization for Constrained
   Environments Framework'
  (draft-ietf-ace-oscore-profile-19.txt) as Proposed Standard

This document is the product of the Authentication and Authorization for
Constrained Environments Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/


Ballot Text

Technical Summary

  The OAuth authentication and Authorization for Constrained Devices
  provides a message format and framework for moving keys and tokens
  between authority servers, clients, and resource servers.
  This document provides a set of security services with OSCORE so that the
  communication and authorizations can be performed.

Working Group Summary

  Once the CoRE document dealing with OSCORE was finalized there was
  only one issue of significance.  That issue was how to deal
  with re-use of tokens in order to make sure that the same
  transport key was not going to be regenerated.  This has 
  been addressed.

Document Quality

  The document has been fairly extensively vetted.  There are
  at least two implementations of a version of the document
  prior to the WGLC being done.

Personnel

Jim Schaad was the document shepherd.  Ben Kaduk is the responsible AD.

RFC Editor Note

RFC Editor Note

 This document uses the non-BCP-14 keyword "RECOMMENDS" in a handful
 of locations; please help rephrase them to use the "RECOMMENDED" keyword.