The IESG has approved the following document: - 'Group Object Security for Constrained RESTful Environments (Group OSCORE)' (draft-ietf-core-oscore-groupcomm-28.txt) as Proposed Standard
This document is the product of the Constrained RESTful Environments Working Group. The IESG contact persons are Gorry Fairhurst and Mike Bishop. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-core-oscore-groupcomm/ Technical Summary This document defines the security protocol Group Object Security for Constrained RESTful Environments (Group OSCORE), providing end-to-end security of CoAP messages exchanged between members of a group, e.g., sent over IP multicast. In particular, the described protocol defines how OSCORE is used in a group communication setting to provide source authentication for CoAP group requests, sent by a client to multiple servers, and for protection of the corresponding CoAP responses. Group OSCORE also defines a pairwise mode where each member of the group can efficiently derive a symmetric pairwise key with each other member of the group for pairwise OSCORE communication. Group OSCORE can be used between endpoints communicating with CoAP or CoAP-mappable HTTP. Working Group Summary There are several in the WG who did not speak on the subject, but a good subset participated in discussions and reviews. Beyond that, the document is a critical dependency of draft-ietf-core-groupcomm-bis (which brings indirect support from more of the group). Document Quality Section 13 of the document lists the implementations status along with an interop report. * Californium (Java; RISE / Rikard Höglund) * aiocoap (Python; Christian Amsüss) At least three more implementations were tested on older versions, and have not been updated to the latest draft. During Last Call, feedback from several directorates and review teams was incorporated. Personnel The Document Shepherd for this document is Christian Amsüss. The Responsible Area Director is Mike Bishop. IANA Note This document makes two new registrations in existing registries and does not create any new registries. _______________________________________________ IETF-Announce mailing list -- [email protected] To unsubscribe send an email to [email protected]
