Authentication and Authorization for Constrained Environments
|The information below is for a proposed recharter. The current approved charter is version 01|
|Document||Proposed charter||Authentication and Authorization for Constrained Environments WG (ace)|
|Title||Authentication and Authorization for Constrained Environments|
|State||Start Chartering/Rechartering (Internal Steering Group/IAB Review) Rechartering|
|IESG||Responsible AD||Benjamin Kaduk|
|Charter Edit AD||Benjamin Kaduk|
Has enough positions to pass.
|Send notices to||(None)|
The Authentication and Authorization for Constrained Environments (ace) WG has defined a standardized solution framework for authentication and authorization to enable authorized access to resources identified by a URI and hosted on a resource server in constrained environments. The access to the resource is mediated by an authorization server, which is not considered to be constrained. Profiles of this framework for application to security protocols commonly used in constrained environments, including CoAP+DTLS and CoAP+OSCORE, have also been standardized. The Working Group is charged with maintenance of the framework and existing profiles thereof, and may undertake work to specify profiles of the framework for additional secure communications protocols and for additional support services providing authorized access to crypto keys (that are not necessarily limited to constrained endpoints, though the focus remains on deployment in ecosystems with a substantial portion of constrained devices). In addition to the ongoing maintenance work, the Working Group will extend the framework as needed for applicability to group communications, with initial focus on (D)TLS and (Group) OSCORE as the underlying group communication security protocols. The Working Group will standardize procedures for requesting and distributing group keying material using the ACE framework as well as appropriated management interfaces. The Working Group will standardize a format for expressing authorization information for a given authenticated principal as received from an authorization manager. The Working Group will examine how to use Constrained Application Protocol (CoAP) as a transport medium for certificate enrollment protocols, such as EST and CMPv2, as well as a transport for authentication protocols such as EAP, and standardize as needed.
No milestones for charter found.