Hello, I've submitted a new version to update my e-mail address, as my affiliation is going to change in the next year.
The v03 does have other changes, as I outlined in my previous email, which still need to be discussed. The main changes are:

Version 02 to 03:

1) Added the option of Broker certificate thumbprint in the 'rs_cnf' sent to the Client.
2) Clarified the use of a random nonce from the TLS Exporter for PoP, added to the IANA requirements that the label should be registered.
3) Added a client nonce, when Challenge/Response Authentication is used between Client and Broker.
4) Clarified the use of the "authz-info" topic and the error response if token validation fails.
5) Added clarification on wildcard use in scopes for publish/subscribe permissions.
6) Reorganised sections so that token authorisation for publish/subscribe messages is better placed.
7) Clarified protection of Application Message payload as out of scope, and cited draft-palombini-ace-coap-pubsub-profile for a potential solution.

Thanks,
--Cigdem

---------- Forwarded message ---------
From: <[email protected]>
Date: Fri, Dec 20, 2019 at 1:47 PM
Subject: New Version Notification for draft-ietf-ace-mqtt-tls-profile-03.txt
To: Paul Fremantle <[email protected]>, Cigdem Sengul <[email protected]>, Anthony Kirby <[email protected]>

A new version of I-D, draft-ietf-ace-mqtt-tls-profile-03.txt has been successfully submitted by Cigdem Sengul and posted to the IETF repository.

Name: draft-ietf-ace-mqtt-tls-profile
Revision: 03
Title: MQTT-TLS profile of ACE
Document date: 2019-12-20
Group: ace
Pages: 27
URL: https://www.ietf.org/internet-drafts/draft-ietf-ace-mqtt-tls-profile-03.txt
Status: https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/
Htmlized: https://tools.ietf.org/html/draft-ietf-ace-mqtt-tls-profile-03
Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-ace-mqtt-tls-profile
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-mqtt-tls-profile-03

Abstract:
This document specifies a profile for the ACE (Authentication and Authorization for Constrained Environments) framework to enable authorization in an MQTT-based publish-subscribe messaging system. Proof-of-possession keys, bound to OAuth2.0 access tokens, are used to authenticate and authorize MQTT Clients. The protocol relies on TLS for confidentiality and server authentication.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
