[Ace] Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) is now RFC 8747

I'm pleased to report that Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) is now RFC 8747. The abstract of the specification is: This specification describes how to declare in a CBOR Web Token (CWT) (which is defined by RFC 8392) that

[Ace] RFC 8747 on Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

A new Request for Comments is now available in online RFC libraries. RFC 8747 Title: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) Author: M. Jones, L. Seitz, G. Selander,

Re: [Ace] draft-ietf-ace-mqtt-tls-profile-03

Hello Hannes, I will summarise below what I understood and clarify where I got confused (which I tried to in the interim meeting) and then would need the group feedback for the next steps. I became aware that the key distribution may be an issue after the e-mail thread: "Transporting different

Re: [Ace] draft-ietf-ace-mqtt-tls-profile-03

Hi Cigdem, Following the OAuth virtual interim meeting call today I wonder whether it makes sense to describe how the key transport with the PoP token using the communication between the client and the authorization server over the HTTP interface works. Ciao Hannes From: Hannes Tschofenig

[Ace] I-D Action: draft-ietf-ace-key-groupcomm-oscore-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : Key Management for OSCORE Groups in ACE Authors : Marco

[Ace] I-D Action: draft-ietf-ace-key-groupcomm-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : Key Provisioning for Group Communication using ACE Authors :

Re: [Ace] Comments on the MQTT draft

From: Cigdem Sengul Sent: Monday, March 9, 2020 5:35 AM To: Jim Schaad Cc: draft-ietf-ace-mqtt-tls-prof...@ietf.org; Ace Wg Subject: Re: Comments on the MQTT draft Hello Jim, Comments inline. Yes, I can see this can be problematic but this was to avoid the broker keeping

[Ace] Fwd: New Version Notification for draft-ietf-ace-mqtt-tls-profile-04.txt

Hello, As discussed in the interim, I've submitted a v04. There are a few things, which may still merit a v05, but we did the following updates on v04. The changes include: - Linked the terms Broker and MQTT server more at the introduction of the document. - Clarified support for

[Ace] I-D Action: draft-ietf-ace-mqtt-tls-profile-04.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : MQTT-TLS profile of ACE Authors : Cigdem Sengul

Re: [Ace] Comments on the MQTT draft

Hello Jim, Comments inline. Yes, I can see this can be problematic but this was to avoid the broker > keeping state for clients that are no more authorised to receive those > messages. The session state can include actual messages if QoS>=1, so maybe > high overhead. > > > The Session Expiry is