The IESG has approved the following document: - 'Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework' (draft-ietf-ace-revoked-token-notification-09.txt) as Proposed Standard
This document is the product of the Authentication and Authorization for Constrained Environments Working Group. The IESG contact persons are Paul Wouters and Deb Cooley. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/ Technical Summary This document specifies a method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an Authorization Server to notify Clients and Resource Servers (i.e., registered devices) about revoked access tokens. As specified in this document, the method allows Clients and Resource Servers to access a Token Revocation List on the Authorization Server by using the Constrained Application Protocol (CoAP), with the possible additional use of resource observation. Resulting (unsolicited) notifications of revoked access tokens complement alternative approaches such as token introspection, while not requiring additional endpoints on Clients and Resource Servers. Working Group Summary The working group consensus represents a strong concurrence of 7+ individuals with others being silent. Document Quality There is an existing implementation by Marco Rasori, CNR: https://bitbucket.org/marco-rasori-iit/ace-java/src/ucs/ Personnel The Document Shepherd for this document is Göran Selander. The Responsible Area Director is Paul Wouters. _______________________________________________ Ace mailing list -- ace@ietf.org To unsubscribe send an email to ace-le...@ietf.org
