Authorization-Related Tasks in Constrained Environments

Document Type Expired Internet-Draft (individual)
Author Stefanie Gerdes 
Last updated 2016-04-04 (latest revision 2015-09-29)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Constrained nodes are small devices which are limited in terms of processing power, memory, non-volatile storage and transmission capacity. Due to these constraints, commonly used security protocols are not easily applicable. Nevertheless, an authentication and authorization solution is needed to ensure the security of these devices. Due to the limitations of the constrained nodes it is especially important to develop a light-weight security solution which is adjusted to the relevant security objectives of each participating party in this environment. Necessary security measures must be identified and applied where needed. In this document, the required security related tasks are identified as guidance for the development of authentication and authorization solutions for constrained environments.


Stefanie Gerdes (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)