[Ace] I-D Action: draft-ietf-ace-group-oscore-profile-02.txt
internet-drafts@ietf.org Mon, 08 July 2024 17:19 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from [10.244.2.22] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id E38DDC344BB1; Mon, 8 Jul 2024 10:19:34 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.17.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172045917457.463749.16759070552086192324@dt-datatracker-5f88556585-j5r2h>
Date: Mon, 08 Jul 2024 10:19:34 -0700
Message-ID-Hash: UABDPLJVLM7CXGJTJ7OCK73YUU4THMX4
X-Message-ID-Hash: UABDPLJVLM7CXGJTJ7OCK73YUU4THMX4
X-MailFrom: internet-drafts@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ace.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ace@ietf.org
X-Mailman-Version: 3.3.9rc4
Reply-To: ace@ietf.org
Subject: [Ace] I-D Action: draft-ietf-ace-group-oscore-profile-02.txt
List-Id: "Authentication and Authorization for Constrained Environments (ace)" <ace.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/hFMddJaD1DYJ-YRJ1tBI2DA__1E>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Owner: <mailto:ace-owner@ietf.org>
List-Post: <mailto:ace@ietf.org>
List-Subscribe: <mailto:ace-join@ietf.org>
List-Unsubscribe: <mailto:ace-leave@ietf.org>
Internet-Draft draft-ietf-ace-group-oscore-profile-02.txt is now available. It
is a work item of the Authentication and Authorization for Constrained
Environments (ACE) WG of the IETF.
Title: The Group Object Security for Constrained RESTful Environments (Group OSCORE) Profile of the Authentication and Authorization for Constrained Environments (ACE) Framework
Authors: Marco Tiloca
Rikard Höglund
Francesca Palombini
Name: draft-ietf-ace-group-oscore-profile-02.txt
Pages: 48
Dates: 2024-07-08
Abstract:
This document specifies a profile for the Authentication and
Authorization for Constrained Environments (ACE) framework. The
profile uses Group Object Security for Constrained RESTful
Environments (Group OSCORE) to provide communication security between
a Client and one or multiple Resource Servers that are members of an
OSCORE group. The profile securely binds an OAuth 2.0 Access Token
to the public key of the Client associated with the private key used
by that Client in the OSCORE group. The profile uses Group OSCORE to
achieve server authentication, as well as proof-of-possession for the
Client's public key. Also, it provides proof of the Client's
membership to the OSCORE group by binding the Access Token to
information from the Group OSCORE Security Context, thus allowing the
Resource Server(s) to verify the Client's membership upon receiving a
message protected with Group OSCORE from the Client. Effectively,
the profile enables fine-grained access control paired with secure
group communication, in accordance with the Zero Trust principles.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-group-oscore-profile/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-group-oscore-profile-02.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-ace-group-oscore-profile-02
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
- [Ace] I-D Action: draft-ietf-ace-group-oscore-pro… internet-drafts