A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : Notification of Revoked Access Tokens in the
Authentication and Authorization for Constrained Environments (ACE) Framework
Authors : Marco Tiloca
Ludwig Seitz
Francesca Palombini
Sebastian Echeverria
Grace Lewis
Filename : draft-ietf-ace-revoked-token-notification-00.txt
Pages : 35
Date : 2021-11-26
Abstract:
This document specifies a method of the Authentication and
Authorization for Constrained Environments (ACE) framework, which
allows an Authorization Server to notify Clients and Resource Servers
(i.e., registered devices) about revoked Access Tokens. The method
relies on resource observation for the Constrained Application
Protocol (CoAP), with Clients and Resource Servers observing a Token
Revocation List on the Authorization Server. Resulting unsolicited
notifications of revoked Access Tokens complement alternative
approaches such as token introspection, while not requiring
additional endpoints on Clients and Resource Servers.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/
There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-ace-revoked-token-notification-00
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
