A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : An Authorization Information Format (AIF) for ACE
Author : Carsten Bormann
Filename : draft-ietf-ace-aif-01.txt
Pages : 13
Date : 2021-02-11
Abstract:
Constrained Devices as they are used in the "Internet of Things" need
security. One important element of this security is that devices in
the Internet of Things need to be able to decide which operations
requested of them should be considered authorized, need to ascertain
that the authorization to request the operation does apply to the
actual requester, and need to ascertain that other devices they place
requests on are the ones they intended.
To transfer detailed authorization information from an authorization
manager (such as an ACE-OAuth Authorization Server) to a device, a
representation format is needed. This document provides a suggestion
for such a format, the Authorization Information Format (AIF). AIF
is defined both as a general structure that can be used for many
different applications and as a specific refinement that describes
REST resources and the permissions on them.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-aif/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-ace-aif-01.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-aif-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
