Internet-Draft draft-ietf-ace-workflow-and-params-03.txt is now available. It
is a work item of the Authentication and Authorization for Constrained
Environments (ACE) WG of the IETF.
Title: Alternative Workflow and OAuth Parameters for the Authentication
and Authorization for Constrained Environments (ACE) Framework
Authors: Marco Tiloca
Göran Selander
Name: draft-ietf-ace-workflow-and-params-03.txt
Pages: 58
Dates: 2024-10-21
Abstract:
This document updates the Authentication and Authorization for
Constrained Environments Framework (ACE, RFC 9200) as follows.
First, it defines a new, alternative workflow that the authorization
server can use for uploading an access token to a resource server on
behalf of the client. Second, it defines new parameters and
encodings for the OAuth 2.0 token endpoint at the authorization
server. Third, it defines a method for the ACE framework to enforce
bidirectional access control by means of a single access token.
Fourth, it amends two of the requirements on profiles of the
framework. Finally, it deprecates the original payload format of
error responses that convey an error code, when CBOR is used to
encode message payloads. For such error responses, it defines a new
payload format aligned with RFC 9290, thus updating in this respect
also the profiles of ACE defined in RFC 9202, RFC 9203, and RFC 9431.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-workflow-and-params/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-workflow-and-params-03.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-ace-workflow-and-params-03
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
Ace mailing list -- ace@ietf.org
To unsubscribe send an email to ace-le...@ietf.org
