| draft-ietf-ace-oscore-profile-18.txt | draft-ietf-ace-oscore-profile-19.txt | |||
|---|---|---|---|---|
| ACE Working Group F. Palombini | ACE Working Group F. Palombini | |||
| Internet-Draft Ericsson AB | Internet-Draft Ericsson AB | |||
| Intended status: Standards Track L. Seitz | Intended status: Standards Track L. Seitz | |||
| Expires: 16 October 2021 Combitech | Expires: 7 November 2021 Combitech | |||
| G. Selander | G. Selander | |||
| Ericsson AB | Ericsson AB | |||
| M. Gunnarsson | M. Gunnarsson | |||
| RISE | RISE | |||
| 14 April 2021 | 6 May 2021 | |||
| OSCORE Profile of the Authentication and Authorization for Constrained | OSCORE Profile of the Authentication and Authorization for Constrained | |||
| Environments Framework | Environments Framework | |||
| draft-ietf-ace-oscore-profile-18 | draft-ietf-ace-oscore-profile-19 | |||
| Abstract | Abstract | |||
| This document specifies a profile for the Authentication and | This document specifies a profile for the Authentication and | |||
| Authorization for Constrained Environments (ACE) framework. It | Authorization for Constrained Environments (ACE) framework. It | |||
| utilizes Object Security for Constrained RESTful Environments | utilizes Object Security for Constrained RESTful Environments | |||
| (OSCORE) to provide communication security and proof-of-possession | (OSCORE) to provide communication security and proof-of-possession | |||
| for a key owned by the client and bound to an OAuth 2.0 access token. | for a key owned by the client and bound to an OAuth 2.0 access token. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 40 ¶ | skipping to change at page 1, line 40 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 16 October 2021. | This Internet-Draft will expire on 7 November 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| skipping to change at page 30, line 40 ¶ | skipping to change at page 30, line 40 ¶ | |||
| [COSE.Algorithms] | [COSE.Algorithms] | |||
| IANA, "COSE Algorithms", | IANA, "COSE Algorithms", | |||
| <https://www.iana.org/assignments/cose/ | <https://www.iana.org/assignments/cose/ | |||
| cose.xhtml#algorithms>. | cose.xhtml#algorithms>. | |||
| [I-D.ietf-ace-oauth-authz] | [I-D.ietf-ace-oauth-authz] | |||
| Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., and | Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., and | |||
| H. Tschofenig, "Authentication and Authorization for | H. Tschofenig, "Authentication and Authorization for | |||
| Constrained Environments (ACE) using the OAuth 2.0 | Constrained Environments (ACE) using the OAuth 2.0 | |||
| Framework (ACE-OAuth)", Work in Progress, Internet-Draft, | Framework (ACE-OAuth)", Work in Progress, Internet-Draft, | |||
| draft-ietf-ace-oauth-authz-36, 16 November 2020, | draft-ietf-ace-oauth-authz-40, 26 April 2021, | |||
| <http://www.ietf.org/internet-drafts/draft-ietf-ace-oauth- | <https://www.ietf.org/archive/id/draft-ietf-ace-oauth- | |||
| authz-36.txt>. | authz-40.txt>. | |||
| [I-D.ietf-ace-oauth-params] | [I-D.ietf-ace-oauth-params] | |||
| Seitz, L., "Additional OAuth Parameters for Authorization | Seitz, L., "Additional OAuth Parameters for Authorization | |||
| in Constrained Environments (ACE)", Work in Progress, | in Constrained Environments (ACE)", Work in Progress, | |||
| Internet-Draft, draft-ietf-ace-oauth-params-13, 28 April | Internet-Draft, draft-ietf-ace-oauth-params-14, 25 March | |||
| 2020, <http://www.ietf.org/internet-drafts/draft-ietf-ace- | 2021, <https://www.ietf.org/archive/id/draft-ietf-ace- | |||
| oauth-params-13.txt>. | oauth-params-14.txt>. | |||
| [I-D.ietf-cose-rfc8152bis-algs] | [I-D.ietf-cose-rfc8152bis-algs] | |||
| Schaad, J., "CBOR Object Signing and Encryption (COSE): | Schaad, J., "CBOR Object Signing and Encryption (COSE): | |||
| Initial Algorithms", Work in Progress, Internet-Draft, | Initial Algorithms", Work in Progress, Internet-Draft, | |||
| draft-ietf-cose-rfc8152bis-algs-12, 24 September 2020, | draft-ietf-cose-rfc8152bis-algs-12, 24 September 2020, | |||
| <http://www.ietf.org/internet-drafts/draft-ietf-cose- | <https://www.ietf.org/archive/id/draft-ietf-cose- | |||
| rfc8152bis-algs-12.txt>. | rfc8152bis-algs-12.txt>. | |||
| [I-D.ietf-cose-rfc8152bis-struct] | [I-D.ietf-cose-rfc8152bis-struct] | |||
| Schaad, J., "CBOR Object Signing and Encryption (COSE): | Schaad, J., "CBOR Object Signing and Encryption (COSE): | |||
| Structures and Process", Work in Progress, Internet-Draft, | Structures and Process", Work in Progress, Internet-Draft, | |||
| draft-ietf-cose-rfc8152bis-struct-14, 24 September 2020, | draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021, | |||
| <http://www.ietf.org/internet-drafts/draft-ietf-cose- | <https://www.ietf.org/archive/id/draft-ietf-cose- | |||
| rfc8152bis-struct-14.txt>. | rfc8152bis-struct-15.txt>. | |||
| [IANA.CWTConfirmationMethods] | [IANA.CWTConfirmationMethods] | |||
| IANA, "CWT Confirmation Methods", | IANA, "CWT Confirmation Methods", | |||
| <https://www.iana.org/assignments/cwt/ | <https://www.iana.org/assignments/cwt/ | |||
| cwt.xhtml#confirmation-methods>. | cwt.xhtml#confirmation-methods>. | |||
| [IANA.JWTConfirmationMethods] | [IANA.JWTConfirmationMethods] | |||
| IANA, "JWT Confirmation Methods", | IANA, "JWT Confirmation Methods", | |||
| <https://www.iana.org/assignments/jwt/ | <https://www.iana.org/assignments/jwt/ | |||
| jwt.xhtml#confirmation-methods>. | jwt.xhtml#confirmation-methods>. | |||
| skipping to change at page 32, line 31 ¶ | skipping to change at page 32, line 31 ¶ | |||
| Representation (CBOR)", STD 94, RFC 8949, | Representation (CBOR)", STD 94, RFC 8949, | |||
| DOI 10.17487/RFC8949, December 2020, | DOI 10.17487/RFC8949, December 2020, | |||
| <https://www.rfc-editor.org/info/rfc8949>. | <https://www.rfc-editor.org/info/rfc8949>. | |||
| 10.2. Informative References | 10.2. Informative References | |||
| [I-D.ietf-tls-dtls13] | [I-D.ietf-tls-dtls13] | |||
| Rescorla, E., Tschofenig, H., and N. Modadugu, "The | Rescorla, E., Tschofenig, H., and N. Modadugu, "The | |||
| Datagram Transport Layer Security (DTLS) Protocol Version | Datagram Transport Layer Security (DTLS) Protocol Version | |||
| 1.3", Work in Progress, Internet-Draft, draft-ietf-tls- | 1.3", Work in Progress, Internet-Draft, draft-ietf-tls- | |||
| dtls13-40, 20 January 2021, <http://www.ietf.org/internet- | dtls13-43, 30 April 2021, <https://www.ietf.org/internet- | |||
| drafts/draft-ietf-tls-dtls13-40.txt>. | drafts/draft-ietf-tls-dtls13-43.txt>. | |||
| [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", | [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", | |||
| FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, | FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, | |||
| <https://www.rfc-editor.org/info/rfc4949>. | <https://www.rfc-editor.org/info/rfc4949>. | |||
| [RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", | [RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", | |||
| RFC 6749, DOI 10.17487/RFC6749, October 2012, | RFC 6749, DOI 10.17487/RFC6749, October 2012, | |||
| <https://www.rfc-editor.org/info/rfc6749>. | <https://www.rfc-editor.org/info/rfc6749>. | |||
| [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer | [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer | |||
| skipping to change at page 34, line 31 ¶ | skipping to change at page 34, line 31 ¶ | |||
| Ericsson AB | Ericsson AB | |||
| Email: francesca.palombini@ericsson.com | Email: francesca.palombini@ericsson.com | |||
| Ludwig Seitz | Ludwig Seitz | |||
| Combitech | Combitech | |||
| Djaeknegatan 31 | Djaeknegatan 31 | |||
| SE-211 35 Malmoe | SE-211 35 Malmoe | |||
| Sweden | Sweden | |||
| Email: ludwig.seitz@combitech.se | Email: ludwig.seitz@combitech.com | |||
| Göran Selander | Göran Selander | |||
| Ericsson AB | Ericsson AB | |||
| Email: goran.selander@ericsson.com | Email: goran.selander@ericsson.com | |||
| Martin Gunnarsson | Martin Gunnarsson | |||
| RISE | RISE | |||
| Scheelevagen 17 | Scheelevagen 17 | |||
| SE-22370 Lund | SE-22370 Lund | |||
| End of changes. 10 change blocks. | ||||
| 17 lines changed or deleted | 17 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||