Skip to main content

Delegated CoAP Authentication and Authorization Framework (DCAF)

Document Type Expired Internet-Draft (individual)
Authors Stefanie Gerdes , Olaf Bergmann , Carsten Bormann
Last updated 2016-04-21 (Latest revision 2015-10-19)
Replaces draft-gerdes-core-dcaf-authorize
Stream (None)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:


This specification defines a protocol for delegating client authentication and authorization in a constrained environment for establishing a Datagram Transport Layer Security (DTLS) channel between resource-constrained nodes. The protocol relies on DTLS to transfer authorization information and shared secrets for symmetric cryptography between entities in a constrained network. A resource- constrained node can use this protocol to delegate authentication of communication peers and management of authorization information to a trusted host with less severe limitations regarding processing power and memory.


Stefanie Gerdes
Olaf Bergmann
Carsten Bormann

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)