Message Queuing Telemetry Transport (MQTT) and Transport Layer Security (TLS) Profile of Authentication and Authorization for Constrained Environments (ACE) Framework
draft-ietf-ace-mqtt-tls-profile-17

• Status
• IESG evaluation record
• IESG writeups
• Email expansions
• History

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Daniel Migault <daniel.migault@ericsson.com>, The IESG <iesg@ietf.org>, ace-chairs@ietf.org, ace@ietf.org, daniel.migault@ericsson.com, draft-ietf-ace-mqtt-tls-profile@ietf.org, kaduk@mit.edu, rfc-editor@rfc-editor.org
Subject: Protocol Action: 'Message Queuing Telemetry Transport (MQTT)-TLS profile of Authentication and Authorization for Constrained Environments (ACE) Framework' to Proposed Standard (draft-ietf-ace-mqtt-tls-profile-17.txt)

The IESG has approved the following document:
- 'Message Queuing Telemetry Transport (MQTT)-TLS profile of
   Authentication and Authorization for Constrained Environments (ACE)
   Framework'
  (draft-ietf-ace-mqtt-tls-profile-17.txt) as Proposed Standard

This document is the product of the Authentication and Authorization for
Constrained Environments Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/

Ballot Text

Technical Summary

   This document specifies a profile for the ACE (Authentication and
   Authorization for Constrained Environments) framework to enable
   authorization in an Message Queuing Telemetry Transport (MQTT)-based
   publish-subscribe messaging system.  Proof-of-possession keys, bound
   to OAuth2.0 access tokens, are used to authenticate and authorize
   MQTT Clients.  The protocol relies on TLS for confidentiality and
   MQTT server (broker) authentication.

Working Group Summary

   This document had an uneventful journey through the WG, gathering
   feedback over multiple review cycles, with progress being driven by
   understanding and resolving potential issues and no major points of controversy.

Document Quality

There are at least two known implementations:
 * Implementation using the HiveMQ CE is a Java-based open source MQTT broker that fully supports MQTT 3.x and MQTT 5.  
https://github.com/michaelg9/HiveACEclient  

The Media-Type registration was sent to the media-types list for review at
https://mailarchive.ietf.org/arch/msg/media-types/85kGXBBKaWqIoCSU5k7GrE5FRWw/
though no comments were received.

Personnel

Daniel Migault is the Document Shepherd.
Benjamin Kaduk is the Responsible AD.

RFC Editor Note