%% You should probably cite draft-ietf-ace-group-oscore-profile instead of this I-D. @techreport{tiloca-ace-group-oscore-profile-03, number = {draft-tiloca-ace-group-oscore-profile-03}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-tiloca-ace-group-oscore-profile/03/}, author = {Marco Tiloca and Rikard Höglund and Ludwig Seitz and Francesca Palombini}, title = {{Group OSCORE Profile of the Authentication and Authorization for Constrained Environments Framework}}, pagetotal = 53, year = 2020, month = jul, day = 13, abstract = {This document specifies a profile for the Authentication and Authorization for Constrained Environments (ACE) framework. The profile uses Group OSCORE to provide communication security between a Client and a (set of) Resource Server(s) as members of an OSCORE Group. The profile securely binds an OAuth 2.0 Access Token with the public key of the Client associated to the signing private key used in the OSCORE group. The profile uses Group OSCORE to achieve server authentication, as well as proof-of-possession for the Client public key. Also, it provides proof of Client's membership to the correct OSCORE group, by binding the Access Token to information from the Group OSCORE Security Context, thus allowing the Resource Server(s) to verify the Client's membership upon receiving a message protected with Group OSCORE from the Client.}, }