[Ace] Protocol Action: 'Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework' to Proposed Standard (draft-ietf-ace-revoked-token-notification-09.txt)
The IESG <iesg-secretary@ietf.org> Fri, 18 October 2024 18:01 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from [10.244.8.251] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id BA827C14CF18; Fri, 18 Oct 2024 11:01:29 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.25.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-ID: <172927448942.1567185.17161556200875402168@dt-datatracker-78dc5ccf94-w8wgc>
Date: Fri, 18 Oct 2024 11:01:29 -0700
Message-ID-Hash: SXR7F4BPILRK6DNLJV2IRBCCVX5RDZ2X
X-Message-ID-Hash: SXR7F4BPILRK6DNLJV2IRBCCVX5RDZ2X
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ace.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, ace-chairs@ietf.org, ace@ietf.org, draft-ietf-ace-revoked-token-notification@ietf.org, goran.selander@ericsson.com, paul.wouters@aiven.io, rfc-editor@rfc-editor.org
X-Mailman-Version: 3.3.9rc6
Subject: [Ace] Protocol Action: 'Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework' to Proposed Standard (draft-ietf-ace-revoked-token-notification-09.txt)
List-Id: "Authentication and Authorization for Constrained Environments (ace)" <ace.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/DGf7XudGjwtGRgZ_pka4pyfG_1g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Owner: <mailto:ace-owner@ietf.org>
List-Post: <mailto:ace@ietf.org>
List-Subscribe: <mailto:ace-join@ietf.org>
List-Unsubscribe: <mailto:ace-leave@ietf.org>
The IESG has approved the following document: - 'Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework' (draft-ietf-ace-revoked-token-notification-09.txt) as Proposed Standard This document is the product of the Authentication and Authorization for Constrained Environments Working Group. The IESG contact persons are Paul Wouters and Deb Cooley. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/ Technical Summary This document specifies a method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an Authorization Server to notify Clients and Resource Servers (i.e., registered devices) about revoked access tokens. As specified in this document, the method allows Clients and Resource Servers to access a Token Revocation List on the Authorization Server by using the Constrained Application Protocol (CoAP), with the possible additional use of resource observation. Resulting (unsolicited) notifications of revoked access tokens complement alternative approaches such as token introspection, while not requiring additional endpoints on Clients and Resource Servers. Working Group Summary The working group consensus represents a strong concurrence of 7+ individuals with others being silent. Document Quality There is an existing implementation by Marco Rasori, CNR: https://bitbucket.org/marco-rasori-iit/ace-java/src/ucs/ Personnel The Document Shepherd for this document is Göran Selander. The Responsible Area Director is Paul Wouters.