News‎ > ‎

IETF 89 London - Security Drafts linked to ACE BOF

posted Mar 3, 2014, 3:48 AM by Corinna Schmitt   [ updated Jul 21, 2014, 7:47 AM ]
UZH is involed in standardization activity by IETF. Currently two drafts are published:
          • DTLS-based Security with two-way Authentication for IoT
          • X.509 Public Key Infrastructure Certificates for the Constrained Application Protocol (CoAP)
Both drafts are linked to the working group Authentication and Authorization for Constrained Environments (ACE) that will have its BoF on upcoming Wednesday (March 5th, 2014) at IETF 89. The ACE WG has the following tasks:
            • Document the use cases and high-level requirements for secured communication between constrained devices.
            • Define profiles for encoding authentication and authorization data.
            • Document design criteria for the required security protocols with respect to resource usage (RAM, message round trips, power consumption etc.).
            • Define a mechanism for authenticated and protected transfer of authorization information suitable for constrained environments, and taking into account expiry/revocation.
            • Define formats for access tokens and for authorization information that are suitable for constrained devices.
            • Define bootstrapping for authorization information using the Resource Directory.
Further information about the charter and the linked Internet drafts can be found here: