A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : Ephemeral Diffie-Hellman Over COSE (EDHOC) and Object
Security for Constrained Environments (OSCORE) Profile for Authentication and
Authorization for Constrained Environments (ACE)
Authors : Göran Selander
John Preuß Mattsson
Marco Tiloca
Rikard Höglund
Filename : draft-ietf-ace-edhoc-oscore-profile-00.txt
Pages : 66
Date : 2022-11-11
Abstract:
This document specifies a profile for the Authentication and
Authorization for Constrained Environments (ACE) framework. It
utilizes Ephemeral Diffie-Hellman Over COSE (EDHOC) for achieving
mutual authentication between an OAuth 2.0 Client and Resource
Server, and it binds an authentication credential of the Client to an
OAuth 2.0 access token. EDHOC also establishes an Object Security
for Constrained RESTful Environments (OSCORE) Security Context, which
is used to secure communications when accessing protected resources
according to the authorization information indicated in the access
token. A resource-constrained server can use this profile to
delegate management of authorization information to a trusted host
with less severe limitations regarding processing power and memory.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-edhoc-oscore-profile-00.html
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
