A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Authentication and
Authorization for Constrained Environments (ACE) WG of the IETF.
Title : Notification of Revoked Access Tokens in the
Authentication and Authorization for Constrained Environments (ACE) Framework
Authors : Marco Tiloca
Francesca Palombini
Sebastian Echeverria
Grace Lewis
Filename : draft-ietf-ace-revoked-token-notification-06.txt
Pages : 59
Date : 2023-06-02
Abstract:
This document specifies a method of the Authentication and
Authorization for Constrained Environments (ACE) framework, which
allows an Authorization Server to notify Clients and Resource Servers
(i.e., registered devices) about revoked access tokens. As specified
in this document, the method allows Clients and Resource Servers to
access a Token Revocation List on the Authorization Server by using
the Constrained Application Protocol (CoAP), with the possible
additional use of resource observation. Resulting (unsolicited)
notifications of revoked access tokens complement alternative
approaches such as token introspection, while not requiring
additional endpoints on Clients and Resource Servers.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-revoked-token-notification-06.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-ace-revoked-token-notification-06
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
