The IESG has received a request from the Authentication and Authorization for Constrained Environments WG (ace) to consider the following document: - 'Key Management for Group Object Security for Constrained RESTful Environments (Group OSCORE) Using Authentication and Authorization for Constrained Environments (ACE)' <draft-ietf-ace-key-groupcomm-oscore-18.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2025-09-25. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines an application profile of the Authentication and Authorization for Constrained Environments (ACE) framework, to request and provision keying material in group communication scenarios that are based on the Constrained Application Protocol (CoAP) and are secured with Group Object Security for Constrained RESTful Environments (Group OSCORE). This application profile delegates the authentication and authorization of Clients, which join an OSCORE group through a Resource Server acting as Group Manager for that group. This application profile leverages protocol-specific transport profiles of ACE to achieve communication security, server authentication, and proof of possession for a key owned by the Client and bound to an OAuth 2.0 access token. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm-oscore/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ Ace mailing list -- [email protected] To unsubscribe send an email to [email protected]
