This document specifies a profile for the ACE (Authentication and
Authorization for Constrained Environments) framework to enable
authorization in an Message Queuing Telemetry Transport (MQTT)-based
publish-subscribe messaging system. Proof-of-possession keys, bound
to OAuth2.0 access tokens, are used to authenticate and authorize
MQTT Clients. The protocol relies on TLS for confidentiality and
MQTT server (broker) authentication.
Working Group Summary
This document had an uneventful journey through the WG, gathering
feedback over multiple review cycles, with progress being driven by
understanding and resolving potential issues and no major points of controversy.
There are at least two known implementations:
* Implementation using the HiveMQ CE is a Java-based open source MQTT broker that fully supports MQTT 3.x and MQTT 5.
The Media-Type registration was sent to the media-types list for review at
though no comments were received.
Daniel Migault is the Document Shepherd.
Benjamin Kaduk is the Responsible AD.