[Ace] Last Call: <draft-ietf-ace-revoked-token-notification-06.txt> (Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Fri, 15 March 2024 03:59 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F806C14F5FB; Thu, 14 Mar 2024 20:59:52 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.8.0
Auto-Submitted: auto-generated
Precedence: bulk
CC: ace-chairs@ietf.org, ace@ietf.org, draft-ietf-ace-revoked-token-notification@ietf.org, goran.selander@ericsson.com, paul.wouters@aiven.io
Reply-To: last-call@ietf.org
Sender: iesg-secretary@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <171047519211.20396.13865839643560227821@ietfa.amsl.com>
Date: Thu, 14 Mar 2024 20:59:52 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/J1nxEPkKl1csgNXK7z-UqrlI52w>
Subject: [Ace] Last Call: <draft-ietf-ace-revoked-token-notification-06.txt> (Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework) to Proposed Standard
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Mar 2024 03:59:52 -0000
The IESG has received a request from the Authentication and Authorization for Constrained Environments WG (ace) to consider the following document: - 'Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework' <draft-ietf-ace-revoked-token-notification-06.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-call@ietf.org mailing lists by 2024-04-05. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies a method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an Authorization Server to notify Clients and Resource Servers (i.e., registered devices) about revoked access tokens. As specified in this document, the method allows Clients and Resource Servers to access a Token Revocation List on the Authorization Server by using the Constrained Application Protocol (CoAP), with the possible additional use of resource observation. Resulting (unsolicited) notifications of revoked access tokens complement alternative approaches such as token introspection, while not requiring additional endpoints on Clients and Resource Servers. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/ No IPR declarations have been submitted directly on this I-D.