Delegated CoAP Authentication and Authorization Framework (DCAF)

Document Type Replaced Internet-Draft (individual)
Authors Stefanie Gerdes  , Olaf Bergmann  , Carsten Bormann 
Last updated 2014-07-07 (latest revision 2014-02-14)
Replaced by draft-gerdes-ace-dcaf-authorize
Stream (None)
Expired & archived
plain text xml pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-gerdes-ace-dcaf-authorize
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This specification defines a protocol for delegating client authentication and authorization in a constrained environment for establishing a Datagram Transport Layer Security (DTLS) channel between resource-constrained nodes. The protocol relies on DTLS to transfer authorization information and shared secrets for symmetric cryptography between entities in a constrained network. A resource- constrained node can use this protocol to delegate authentication of communication peers and management of authorization information to a trusted host with less severe limitations regarding processing power and memory.


Stefanie Gerdes (
Olaf Bergmann (
Carsten Bormann (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)