Skip to main content

Delegated CoAP Authentication and Authorization Framework (DCAF)

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Stefanie Gerdes , Olaf Bergmann , Carsten Bormann
Last updated 2016-04-21 (Latest revision 2015-10-19)
Replaces draft-gerdes-core-dcaf-authorize
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This specification defines a protocol for delegating client authentication and authorization in a constrained environment for establishing a Datagram Transport Layer Security (DTLS) channel between resource-constrained nodes. The protocol relies on DTLS to transfer authorization information and shared secrets for symmetric cryptography between entities in a constrained network. A resource- constrained node can use this protocol to delegate authentication of communication peers and management of authorization information to a trusted host with less severe limitations regarding processing power and memory.


Stefanie Gerdes
Olaf Bergmann
Carsten Bormann

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)