rfc9200.original | rfc9200.txt | |||
---|---|---|---|---|
ACE Working Group L. Seitz | Internet Engineering Task Force (IETF) L. Seitz | |||
Internet-Draft Combitech | Request for Comments: 9200 Combitech | |||
Intended status: Standards Track G. Selander | Category: Standards Track G. Selander | |||
Expires: 2 March 2022 Ericsson | ISSN: 2070-1721 Ericsson | |||
E. Wahlstroem | E. Wahlstroem | |||
S. Erdtman | S. Erdtman | |||
Spotify AB | Spotify AB | |||
H. Tschofenig | H. Tschofenig | |||
Arm Ltd. | Arm Ltd. | |||
29 August 2021 | March 2022 | |||
Authentication and Authorization for Constrained Environments (ACE) | Authentication and Authorization for Constrained Environments (ACE) | |||
using the OAuth 2.0 Framework (ACE-OAuth) | Using the OAuth 2.0 Framework (ACE-OAuth) | |||
draft-ietf-ace-oauth-authz-45 | ||||
Abstract | Abstract | |||
This specification defines a framework for authentication and | This specification defines a framework for authentication and | |||
authorization in Internet of Things (IoT) environments called ACE- | authorization in Internet of Things (IoT) environments called | |||
OAuth. The framework is based on a set of building blocks including | ACE-OAuth. The framework is based on a set of building blocks | |||
OAuth 2.0 and the Constrained Application Protocol (CoAP), thus | including OAuth 2.0 and the Constrained Application Protocol (CoAP), | |||
transforming a well-known and widely used authorization solution into | thus transforming a well-known and widely used authorization solution | |||
a form suitable for IoT devices. Existing specifications are used | into a form suitable for IoT devices. Existing specifications are | |||
where possible, but extensions are added and profiles are defined to | used where possible, but extensions are added and profiles are | |||
better serve the IoT use cases. | defined to better serve the IoT use cases. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
provisions of BCP 78 and BCP 79. | ||||
Internet-Drafts are working documents of the Internet Engineering | ||||
Task Force (IETF). Note that other groups may also distribute | ||||
working documents as Internet-Drafts. The list of current Internet- | ||||
Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
Internet Standards is available in Section 2 of RFC 7841. | ||||
This Internet-Draft will expire on 2 March 2022. | Information about the current status of this document, any errata, | |||
and how to provide feedback on it may be obtained at | ||||
https://www.rfc-editor.org/info/rfc9200. | ||||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
extracted from this document must include Simplified BSD License text | to this document. Code Components extracted from this document must | |||
as described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
provided without warranty as described in the Simplified BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
in the Revised BSD License. | ||||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction | |||
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2. Terminology | |||
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 3. Overview | |||
3.1. OAuth 2.0 . . . . . . . . . . . . . . . . . . . . . . . . 7 | 3.1. OAuth 2.0 | |||
3.2. CoAP . . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 3.2. CoAP | |||
4. Protocol Interactions . . . . . . . . . . . . . . . . . . . . 11 | 4. Protocol Interactions | |||
5. Framework . . . . . . . . . . . . . . . . . . . . . . . . . . 14 | 5. Framework | |||
5.1. Discovering Authorization Servers . . . . . . . . . . . . 16 | 5.1. Discovering Authorization Servers | |||
5.2. Unauthorized Resource Request Message . . . . . . . . . . 16 | 5.2. Unauthorized Resource Request Message | |||
5.3. AS Request Creation Hints . . . . . . . . . . . . . . . . 17 | 5.3. AS Request Creation Hints | |||
5.3.1. The Client-Nonce Parameter . . . . . . . . . . . . . 19 | 5.3.1. The Client-Nonce Parameter | |||
5.4. Authorization Grants . . . . . . . . . . . . . . . . . . 20 | 5.4. Authorization Grants | |||
5.5. Client Credentials . . . . . . . . . . . . . . . . . . . 20 | 5.5. Client Credentials | |||
5.6. AS Authentication . . . . . . . . . . . . . . . . . . . . 21 | 5.6. AS Authentication | |||
5.7. The Authorization Endpoint . . . . . . . . . . . . . . . 21 | 5.7. The Authorization Endpoint | |||
5.8. The Token Endpoint . . . . . . . . . . . . . . . . . . . 21 | 5.8. The Token Endpoint | |||
5.8.1. Client-to-AS Request . . . . . . . . . . . . . . . . 22 | 5.8.1. Client-to-AS Request | |||
5.8.2. AS-to-Client Response . . . . . . . . . . . . . . . . 25 | 5.8.2. AS-to-Client Response | |||
5.8.3. Error Response . . . . . . . . . . . . . . . . . . . 27 | 5.8.3. Error Response | |||
5.8.4. Request and Response Parameters . . . . . . . . . . . 28 | 5.8.4. Request and Response Parameters | |||
5.8.4.1. Grant Type . . . . . . . . . . . . . . . . . . . 28 | 5.8.4.1. Grant Type | |||
5.8.4.2. Token Type . . . . . . . . . . . . . . . . . . . 29 | 5.8.4.2. Token Type | |||
5.8.4.3. Profile . . . . . . . . . . . . . . . . . . . . . 29 | 5.8.4.3. Profile | |||
5.8.4.4. Client-Nonce . . . . . . . . . . . . . . . . . . 30 | 5.8.4.4. Client-Nonce | |||
5.8.5. Mapping Parameters to CBOR . . . . . . . . . . . . . 30 | 5.8.5. Mapping Parameters to CBOR | |||
5.9. The Introspection Endpoint . . . . . . . . . . . . . . . 31 | 5.9. The Introspection Endpoint | |||
5.9.1. Introspection Request . . . . . . . . . . . . . . . . 32 | 5.9.1. Introspection Request | |||
5.9.2. Introspection Response . . . . . . . . . . . . . . . 33 | 5.9.2. Introspection Response | |||
5.9.3. Error Response . . . . . . . . . . . . . . . . . . . 34 | 5.9.3. Error Response | |||
5.9.4. Mapping Introspection Parameters to CBOR . . . . . . 35 | 5.9.4. Mapping Introspection Parameters to CBOR | |||
5.10. The Access Token . . . . . . . . . . . . . . . . . . . . 36 | 5.10. The Access Token | |||
5.10.1. The Authorization Information Endpoint . . . . . . . 36 | 5.10.1. The Authorization Information Endpoint | |||
5.10.1.1. Verifying an Access Token . . . . . . . . . . . 38 | 5.10.1.1. Verifying an Access Token | |||
5.10.1.2. Protecting the Authorization Information | 5.10.1.2. Protecting the Authorization Information Endpoint | |||
Endpoint . . . . . . . . . . . . . . . . . . . . . 39 | 5.10.2. Client Requests to the RS | |||
5.10.2. Client Requests to the RS . . . . . . . . . . . . . 40 | 5.10.3. Token Expiration | |||
5.10.3. Token Expiration . . . . . . . . . . . . . . . . . . 41 | 5.10.4. Key Expiration | |||
5.10.4. Key Expiration . . . . . . . . . . . . . . . . . . . 42 | 6. Security Considerations | |||
6. Security Considerations . . . . . . . . . . . . . . . . . . . 43 | 6.1. Protecting Tokens | |||
6.1. Protecting Tokens . . . . . . . . . . . . . . . . . . . . 43 | 6.2. Communication Security | |||
6.2. Communication Security . . . . . . . . . . . . . . . . . 44 | 6.3. Long-Term Credentials | |||
6.3. Long-Term Credentials . . . . . . . . . . . . . . . . . . 44 | 6.4. Unprotected AS Request Creation Hints | |||
6.4. Unprotected AS Request Creation Hints . . . . . . . . . . 45 | 6.5. Minimal Security Requirements for Communication | |||
6.5. Minimal Security Requirements for Communication . . . . . 45 | 6.6. Token Freshness and Expiration | |||
6.6. Token Freshness and Expiration . . . . . . . . . . . . . 46 | 6.7. Combining Profiles | |||
6.7. Combining Profiles . . . . . . . . . . . . . . . . . . . 47 | 6.8. Unprotected Information | |||
6.8. Unprotected Information . . . . . . . . . . . . . . . . . 47 | 6.9. Identifying Audiences | |||
6.9. Identifying Audiences . . . . . . . . . . . . . . . . . . 48 | 6.10. Denial of Service Against or with Introspection | |||
6.10. Denial of Service Against or with Introspection . . . . . 49 | 7. Privacy Considerations | |||
7. Privacy Considerations . . . . . . . . . . . . . . . . . . . 49 | 8. IANA Considerations | |||
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 50 | 8.1. ACE Authorization Server Request Creation Hints | |||
8.1. ACE Authorization Server Request Creation Hints . . . . . 50 | 8.2. CoRE Resource Type Registry | |||
8.2. CoRE Resource Type Registry . . . . . . . . . . . . . . . 51 | 8.3. OAuth Extensions Error Registration | |||
8.3. OAuth Extensions Error Registration . . . . . . . . . . . 51 | 8.4. OAuth Error Code CBOR Mappings Registry | |||
8.4. OAuth Error Code CBOR Mappings Registry . . . . . . . . . 52 | 8.5. OAuth Grant Type CBOR Mappings | |||
8.5. OAuth Grant Type CBOR Mappings . . . . . . . . . . . . . 52 | 8.6. OAuth Access Token Types | |||
8.6. OAuth Access Token Types . . . . . . . . . . . . . . . . 53 | 8.7. OAuth Access Token Type CBOR Mappings | |||
8.7. OAuth Access Token Type CBOR Mappings . . . . . . . . . . 53 | 8.7.1. Initial Registry Contents | |||
8.7.1. Initial Registry Contents . . . . . . . . . . . . . . 53 | 8.8. ACE Profile Registry | |||
8.8. ACE Profile Registry . . . . . . . . . . . . . . . . . . 54 | 8.9. OAuth Parameter Registration | |||
8.9. OAuth Parameter Registration . . . . . . . . . . . . . . 54 | 8.10. OAuth Parameters CBOR Mappings Registry | |||
8.10. OAuth Parameters CBOR Mappings Registry . . . . . . . . . 54 | 8.11. OAuth Introspection Response Parameter Registration | |||
8.11. OAuth Introspection Response Parameter Registration . . . 55 | 8.12. OAuth Token Introspection Response CBOR Mappings Registry | |||
8.12. OAuth Token Introspection Response CBOR Mappings | 8.13. JSON Web Token Claims | |||
Registry . . . . . . . . . . . . . . . . . . . . . . . . 56 | 8.14. CBOR Web Token Claims | |||
8.13. JSON Web Token Claims . . . . . . . . . . . . . . . . . . 56 | 8.15. Media Type Registration | |||
8.14. CBOR Web Token Claims . . . . . . . . . . . . . . . . . . 57 | 8.16. CoAP Content-Format Registry | |||
8.15. Media Type Registrations . . . . . . . . . . . . . . . . 58 | 8.17. Expert Review Instructions | |||
8.16. CoAP Content-Format Registry . . . . . . . . . . . . . . 58 | 9. References | |||
8.17. Expert Review Instructions . . . . . . . . . . . . . . . 59 | 9.1. Normative References | |||
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 60 | 9.2. Informative References | |||
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 60 | Appendix A. Design Justification | |||
10.1. Normative References . . . . . . . . . . . . . . . . . . 60 | Appendix B. Roles and Responsibilities | |||
10.2. Informative References . . . . . . . . . . . . . . . . . 63 | Appendix C. Requirements on Profiles | |||
Appendix A. Design Justification . . . . . . . . . . . . . . . . 66 | Appendix D. Assumptions on AS Knowledge about the C and RS | |||
Appendix B. Roles and Responsibilities . . . . . . . . . . . . . 69 | Appendix E. Differences to OAuth 2.0 | |||
Appendix C. Requirements on Profiles . . . . . . . . . . . . . . 71 | Appendix F. Deployment Examples | |||
Appendix D. Assumptions on AS Knowledge about C and RS . . . . . 72 | F.1. Local Token Validation | |||
Appendix E. Differences to OAuth 2.0 . . . . . . . . . . . . . . 73 | F.2. Introspection Aided Token Validation | |||
Appendix F. Deployment Examples . . . . . . . . . . . . . . . . 73 | Acknowledgments | |||
F.1. Local Token Validation . . . . . . . . . . . . . . . . . 74 | Authors' Addresses | |||
F.2. Introspection Aided Token Validation . . . . . . . . . . 78 | ||||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 82 | ||||
1. Introduction | 1. Introduction | |||
Authorization is the process for granting approval to an entity to | Authorization is the process for granting approval to an entity to | |||
access a generic resource [RFC4949]. The authorization task itself | access a generic resource [RFC4949]. The authorization task itself | |||
can best be described as granting access to a requesting client, for | can best be described as granting access to a requesting client for a | |||
a resource hosted on a device, the resource server (RS). This | resource hosted on a device, i.e., the resource server (RS). This | |||
exchange is mediated by one or multiple authorization servers (AS). | exchange is mediated by one or multiple authorization servers (ASes). | |||
Managing authorization for a large number of devices and users can be | Managing authorization for a large number of devices and users can be | |||
a complex task. | a complex task. | |||
While prior work on authorization solutions for the Web and for the | While prior work on authorization solutions for the Web and for the | |||
mobile environment also applies to the Internet of Things (IoT) | mobile environment also applies to the Internet of Things (IoT) | |||
environment, many IoT devices are constrained, for example, in terms | environment, many IoT devices are constrained, for example, in terms | |||
of processing capabilities, available memory, etc. For such devices | of processing capabilities, available memory, etc. For such devices, | |||
the Constrained Application Protocol (CoAP) [RFC7252] can alleviate | the Constrained Application Protocol (CoAP) [RFC7252] can alleviate | |||
some resource concerns when used instead of HTTP to implement the | some resource concerns when used instead of HTTP to implement the | |||
communication flows of this specification. | communication flows of this specification. | |||
Appendix A gives an overview of the constraints considered in this | Appendix A gives an overview of the constraints considered in this | |||
design, and a more detailed treatment of constraints can be found in | design, and a more detailed treatment of constraints can be found in | |||
[RFC7228]. This design aims to accommodate different IoT deployments | [RFC7228]. This design aims to accommodate different IoT deployments | |||
and thus a continuous range of device and network capabilities. | as well as a continuous range of device and network capabilities. | |||
Taking energy consumption as an example: At one end there are energy- | Taking energy consumption as an example, at one end, there are | |||
harvesting or battery powered devices which have a tight power | energy-harvesting or battery-powered devices that have a tight power | |||
budget, on the other end there are mains-powered devices, and all | budget; on the other end, there are mains-powered devices; and all | |||
levels in between. | levels exist in between. | |||
Hence, IoT devices may be very different in terms of available | Hence, IoT devices may be very different in terms of available | |||
processing and message exchange capabilities and there is a need to | processing and message exchange capabilities, and there is a need to | |||
support many different authorization use cases [RFC7744]. | support many different authorization use cases [RFC7744]. | |||
This specification describes a framework for authentication and | This specification describes a framework for Authentication and | |||
authorization in constrained environments (ACE) built on re-use of | Authorization for Constrained Environments (ACE) built on reuse of | |||
OAuth 2.0 [RFC6749], thereby extending authorization to Internet of | OAuth 2.0 [RFC6749], thereby extending authorization to Internet of | |||
Things devices. This specification contains the necessary building | Things devices. This specification contains the necessary building | |||
blocks for adjusting OAuth 2.0 to IoT environments. | blocks for adjusting OAuth 2.0 to IoT environments. | |||
Profiles of this framework are available in separate specifications, | Profiles of this framework are available in separate specifications, | |||
such as [I-D.ietf-ace-dtls-authorize] or | such as [RFC9202] or [RFC9203]. Such profiles may specify the use of | |||
[I-D.ietf-ace-oscore-profile]. Such profiles may specify the use of | ||||
the framework for a specific security protocol and the underlying | the framework for a specific security protocol and the underlying | |||
transports for use in a specific deployment environment to improve | transports for use in a specific deployment environment to improve | |||
interoperability. Implementations may claim conformance with a | interoperability. Implementations may claim conformance with a | |||
specific profile, whereby implementations utilizing the same profile | specific profile, whereby implementations utilizing the same profile | |||
interoperate, while implementations of different profiles are not | interoperate, while implementations of different profiles are not | |||
expected to be interoperable. More powerful devices, such as mobile | expected to be interoperable. More powerful devices, such as mobile | |||
phones and tablets, may implement multiple profiles and will | phones and tablets, may implement multiple profiles and will | |||
therefore be able to interact with a wider range of constrained | therefore be able to interact with a wider range of constrained | |||
devices. Requirements on profiles are described at contextually | devices. Requirements on profiles are described at contextually | |||
appropriate places throughout this specification, and also summarized | appropriate places throughout this specification and also summarized | |||
in Appendix C. | in Appendix C. | |||
2. Terminology | 2. Terminology | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
Certain security-related terms such as "authentication", | Certain security-related terms, such as "authentication", | |||
"authorization", "confidentiality", "(data) integrity", "message | "authorization", "confidentiality", "(data) integrity", "message | |||
authentication code", and "verify" are taken from [RFC4949]. | authentication code", and "verify", are taken from [RFC4949]. | |||
Since exchanges in this specification are described as RESTful | Since exchanges in this specification are described as RESTful | |||
protocol interactions, HTTP [RFC7231] offers useful terminology. | protocol interactions, HTTP [RFC7231] offers useful terminology. | |||
(Note that "RESTful" refers to the Representational State Transfer | ||||
(REST) architecture.) | ||||
Terminology for entities in the architecture is defined in OAuth 2.0 | Terminology for entities in the architecture is defined in OAuth 2.0 | |||
[RFC6749] such as client (C), resource server (RS), and authorization | [RFC6749], such as client (C), resource server (RS), and | |||
server (AS). | authorization server (AS). | |||
Note that the term "endpoint" is used here following its OAuth | Note that the term "endpoint" is used here following its OAuth | |||
definition, which is to denote resources such as token and | definition, which is to denote resources, such as token and | |||
introspection at the AS and authz-info at the RS (see Section 5.10.1 | introspection at the AS and authz-info at the RS (see Section 5.10.1 | |||
for a definition of the authz-info endpoint). The CoAP [RFC7252] | for a definition of the authz-info endpoint). The CoAP definition, | |||
definition, which is "An entity participating in the CoAP protocol" | which is "[a]n entity participating in the CoAP protocol" [RFC7252], | |||
is not used in this specification. | is not used in this specification. | |||
The specifications in this document is called the "framework" or "ACE | The specification in this document is called the "framework" or "ACE | |||
framework". When referring to "profiles of this framework" it refers | framework". When referring to "profiles of this framework", it | |||
to additional specifications that define the use of this | refers to additional specifications that define the use of this | |||
specification with concrete transport and communication security | specification with concrete transport and communication security | |||
protocols (e.g., CoAP over DTLS). | protocols (e.g., CoAP over DTLS). | |||
The term "Access Information" is used for parameters, other than the | The term "Access Information" is used for parameters, other than the | |||
access token, provided to the client by the AS to enable it to access | access token, provided to the client by the AS to enable it to access | |||
the RS (e.g. public key of the RS, profile supported by RS). | the RS (e.g., public key of the RS or profile supported by RS). | |||
The term "Authorization Information" is used to denote all | The term "authorization information" is used to denote all | |||
information, including the claims of relevant access tokens, that an | information, including the claims of relevant access tokens, that an | |||
RS uses to determine whether an access request should be granted. | RS uses to determine whether an access request should be granted. | |||
3. Overview | 3. Overview | |||
This specification defines the ACE framework for authorization in the | This specification defines the ACE framework for authorization in the | |||
Internet of Things environment. It consists of a set of building | Internet of Things environment. It consists of a set of building | |||
blocks. | blocks. | |||
The basic block is the OAuth 2.0 [RFC6749] framework, which enjoys | The basic block is the OAuth 2.0 [RFC6749] framework, which enjoys | |||
widespread deployment. Many IoT devices can support OAuth 2.0 | widespread deployment. Many IoT devices can support OAuth 2.0 | |||
without any additional extensions, but for certain constrained | without any additional extensions, but for certain constrained | |||
settings additional profiling is needed. | settings, additional profiling is needed. | |||
Another building block is the lightweight web transfer protocol CoAP | Another building block is the lightweight web transfer protocol CoAP | |||
[RFC7252], for those communication environments where HTTP is not | [RFC7252], for those communication environments where HTTP is not | |||
appropriate. CoAP typically runs on top of UDP, which further | appropriate. CoAP typically runs on top of UDP, which further | |||
reduces overhead and message exchanges. While this specification | reduces overhead and message exchanges. While this specification | |||
defines extensions for the use of OAuth over CoAP, other underlying | defines extensions for the use of OAuth over CoAP, other underlying | |||
protocols are not prohibited from being supported in the future, such | protocols are not prohibited from being supported in the future, such | |||
as HTTP/2 [RFC7540], Message Queuing Telemetry Transport (MQTT) | as HTTP/2 [RFC7540], Message Queuing Telemetry Transport (MQTT) | |||
[MQTT5.0], Bluetooth Low Energy (BLE) [BLE] and QUIC | [MQTT5.0], Bluetooth Low Energy (BLE) [BLE], and QUIC [RFC9000]. | |||
[I-D.ietf-quic-transport]. Note that this document specifies | Note that this document specifies protocol exchanges in terms of | |||
protocol exchanges in terms of RESTful verbs such as GET and POST. | RESTful verbs, such as GET and POST. Future profiles using protocols | |||
Future profiles using protocols that do not support these verbs MUST | that do not support these verbs MUST specify how the corresponding | |||
specify how the corresponding protocol messages are transmitted | protocol messages are transmitted instead. | |||
instead. | ||||
A third building block is the Concise Binary Object Representation | A third building block is the Concise Binary Object Representation | |||
(CBOR) [RFC8949], for encodings where JSON [RFC8259] is not | (CBOR) [RFC8949], for encodings where JSON [RFC8259] is not | |||
sufficiently compact. CBOR is a binary encoding designed for small | sufficiently compact. CBOR is a binary encoding designed for small | |||
code and message size. Self-contained tokens and protocol message | code and message size. Self-contained tokens and protocol message | |||
payloads are encoded in CBOR when CoAP is used. When CoAP is not | payloads are encoded in CBOR when CoAP is used. When CoAP is not | |||
used, the use of CBOR remains RECOMMENDED. | used, the use of CBOR remains RECOMMENDED. | |||
A fourth building block is CBOR Object Signing and Encryption (COSE) | A fourth building block is CBOR Object Signing and Encryption (COSE) | |||
[RFC8152], which enables object-level layer security as an | [RFC8152], which enables object-level layer security as an | |||
alternative or complement to transport layer security (DTLS [RFC6347] | alternative or complement to transport layer security (DTLS [RFC6347] | |||
or TLS [RFC8446]). COSE is used to secure self-contained tokens such | or TLS [RFC8446]). COSE is used to secure self-contained tokens, | |||
as proof-of-possession (PoP) tokens, which are an extension to the | such as proof-of-possession (PoP) tokens, which are an extension to | |||
OAuth bearer tokens. The default token format is defined in CBOR Web | the OAuth bearer tokens. The default token format is defined in CBOR | |||
Token (CWT) [RFC8392]. Application-layer security for CoAP using | Web Token (CWT) [RFC8392]. Application-layer security for CoAP using | |||
COSE can be provided with OSCORE [RFC8613]. | COSE can be provided with Object Security for Constrained RESTful | |||
Environments (OSCORE) [RFC8613]. | ||||
With the building blocks listed above, solutions satisfying various | With the building blocks listed above, solutions satisfying various | |||
IoT device and network constraints are possible. A list of | IoT device and network constraints are possible. A list of | |||
constraints is described in detail in [RFC7228] and a description of | constraints is described in detail in [RFC7228], and a description of | |||
how the building blocks mentioned above relate to the various | how the building blocks mentioned above relate to the various | |||
constraints can be found in Appendix A. | constraints can be found in Appendix A. | |||
Luckily, not every IoT device suffers from all constraints. The ACE | Luckily, not every IoT device suffers from all constraints. | |||
framework nevertheless takes all these aspects into account and | Nevertheless, the ACE framework takes all these aspects into account | |||
allows several different deployment variants to co-exist, rather than | and allows several different deployment variants to coexist, rather | |||
mandating a one-size-fits-all solution. It is important to cover the | than mandating a one-size-fits-all solution. It is important to | |||
wide range of possible interworking use cases and the different | cover the wide range of possible interworking use cases and the | |||
requirements from a security point of view. Once IoT deployments | different requirements from a security point of view. Once IoT | |||
mature, popular deployment variants will be documented in the form of | deployments mature, popular deployment variants will be documented in | |||
ACE profiles. | the form of ACE profiles. | |||
3.1. OAuth 2.0 | 3.1. OAuth 2.0 | |||
The OAuth 2.0 authorization framework enables a client to obtain | The OAuth 2.0 authorization framework enables a client to obtain | |||
scoped access to a resource with the permission of a resource owner. | scoped access to a resource with the permission of a resource owner. | |||
Authorization information, or references to it, is passed between the | Authorization information, or references to it, is passed between the | |||
nodes using access tokens. These access tokens are issued to clients | nodes using access tokens. These access tokens are issued to clients | |||
by an authorization server with the approval of the resource owner. | by an authorization server with the approval of the resource owner. | |||
The client uses the access token to access the protected resources | The client uses the access token to access the protected resources | |||
hosted by the resource server. | hosted by the resource server. | |||
A number of OAuth 2.0 terms are used within this specification: | A number of OAuth 2.0 terms are used within this specification: | |||
Access Tokens: | Access Tokens: | |||
Access tokens are credentials needed to access protected | Access tokens are credentials needed to access protected | |||
resources. An access token is a data structure representing | resources. An access token is a data structure representing | |||
authorization permissions issued by the AS to the client. Access | authorization permissions issued by the AS to the client. Access | |||
tokens are generated by the AS and consumed by the RS. The access | tokens are generated by the AS and consumed by the RS. The access | |||
token content is opaque to the client. | token content is opaque to the client. | |||
Access tokens can have different formats, and various methods of | Access tokens can have different formats and various methods of | |||
utilization e.g., cryptographic properties) based on the security | utilization (e.g., cryptographic properties) based on the security | |||
requirements of the given deployment. | requirements of the given deployment. | |||
Introspection: | Introspection: | |||
Introspection is a method for a resource server or potentially a | Introspection is a method for a resource server, or potentially a | |||
client, to query the authorization server for the active state and | client, to query the authorization server for the active state and | |||
content of a received access token. This is particularly useful | content of a received access token. This is particularly useful | |||
in those cases where the authorization decisions are very dynamic | in those cases where the authorization decisions are very dynamic | |||
and/or where the received access token itself is an opaque | and/or where the received access token itself is an opaque | |||
reference rather than a self-contained token. More information | reference, rather than a self-contained token. More information | |||
about introspection in OAuth 2.0 can be found in [RFC7662]. | about introspection in OAuth 2.0 can be found in [RFC7662]. | |||
Refresh Tokens: | Refresh Tokens: | |||
Refresh tokens are credentials used to obtain access tokens. | Refresh tokens are credentials used to obtain access tokens. | |||
Refresh tokens are issued to the client by the authorization | Refresh tokens are issued to the client by the authorization | |||
server and are used to obtain a new access token when the current | server and are used to obtain a new access token when the current | |||
access token expires, or to obtain additional access tokens with | access token expires or to obtain additional access tokens with | |||
identical or narrower scope (such access tokens may have a shorter | identical or narrower scope (such access tokens may have a shorter | |||
lifetime and fewer permissions than authorized by the resource | lifetime and fewer permissions than authorized by the resource | |||
owner). Issuing a refresh token is optional at the discretion of | owner). Issuing a refresh token is optional at the discretion of | |||
the authorization server. If the authorization server issues a | the authorization server. If the authorization server issues a | |||
refresh token, it is included when issuing an access token (i.e., | refresh token, it is included when issuing an access token (i.e., | |||
step (B) in Figure 1). | step (B) in Figure 1). | |||
A refresh token in OAuth 2.0 is a string representing the | A refresh token in OAuth 2.0 is a string representing the | |||
authorization granted to the client by the resource owner. The | authorization granted to the client by the resource owner. The | |||
string is usually opaque to the client. The token denotes an | string is usually opaque to the client. The token denotes an | |||
identifier used to retrieve the authorization information. Unlike | identifier used to retrieve the authorization information. Unlike | |||
access tokens, refresh tokens are intended for use only with | access tokens, refresh tokens are intended for use only with | |||
authorization servers and are never sent to resource servers. In | authorization servers and are never sent to resource servers. In | |||
this framework, refresh tokens are encoded in binary instead of | this framework, refresh tokens are encoded in binary instead of | |||
strings, if used. | strings, if used. | |||
Proof of Possession Tokens: | Proof-of-Possession Tokens: | |||
A token may be bound to a cryptographic key, which is then used to | A token may be bound to a cryptographic key, which is then used to | |||
bind the token to a request authorized by the token. Such tokens | bind the token to a request authorized by the token. Such tokens | |||
are called proof-of-possession tokens (or PoP tokens). | are called proof-of-possession tokens (or PoP tokens). | |||
The proof-of-possession security concept used here assumes that | The proof-of-possession security concept used here assumes that | |||
the AS acts as a trusted third party that binds keys to tokens. | the AS acts as a trusted third party that binds keys to tokens. | |||
In the case of access tokens, these so called PoP keys are then | In the case of access tokens, these so-called PoP keys are then | |||
used by the client to demonstrate the possession of the secret to | used by the client to demonstrate the possession of the secret to | |||
the RS when accessing the resource. The RS, when receiving an | the RS when accessing the resource. The RS, when receiving an | |||
access token, needs to verify that the key used by the client | access token, needs to verify that the key used by the client | |||
matches the one bound to the access token. When this | matches the one bound to the access token. When this | |||
specification uses the term "access token" it is assumed to be a | specification uses the term "access token", it is assumed to be a | |||
PoP access token unless specifically stated otherwise. | PoP access token unless specifically stated otherwise. | |||
The key bound to the token (the PoP key) may use either symmetric | The key bound to the token (the PoP key) may use either symmetric | |||
or asymmetric cryptography. The appropriate choice of the kind of | or asymmetric cryptography. The appropriate choice of the kind of | |||
cryptography depends on the constraints of the IoT devices as well | cryptography depends on the constraints of the IoT devices as well | |||
as on the security requirements of the use case. | as on the security requirements of the use case. | |||
Symmetric PoP key: | Symmetric PoP key: | |||
The AS generates a random symmetric PoP key. The key is either | The AS generates a random, symmetric PoP key. The key is | |||
stored to be returned on introspection calls or included in the | either stored to be returned on introspection calls or included | |||
token. Either the whole token or only the key MUST be | in the token. Either the whole token or only the key MUST be | |||
encrypted in the latter case. The PoP key is also returned to | encrypted in the latter case. The PoP key is also returned to | |||
client together with the token. | client together with the token. | |||
Asymmetric PoP key: | Asymmetric PoP key: | |||
An asymmetric key pair is generated by the client and the | An asymmetric key pair is generated by the client and the | |||
public key is sent to the AS (if it does not already have | public key is sent to the AS (if it does not already have | |||
knowledge of the client's public key). Information about the | knowledge of the client's public key). Information about the | |||
public key, which is the PoP key in this case, is either stored | public key, which is the PoP key in this case, is either stored | |||
to be returned on introspection calls or included inside the | to be returned on introspection calls or included inside the | |||
token and sent back to the client. The resource server | token and sent back to the client. The resource server | |||
consuming the token can identify the public key from the | consuming the token can identify the public key from the | |||
information in the token, which allows the client to use the | information in the token, which allows the client to use the | |||
corresponding private key for the proof of possession. | corresponding private key for the proof of possession. | |||
The token is either a simple reference, or a structured | The token is either a simple reference or a structured information | |||
information object (e.g., CWT [RFC8392]) protected by a | object (e.g., CWT [RFC8392]) protected by a cryptographic wrapper | |||
cryptographic wrapper (e.g., COSE [RFC8152]). The choice of PoP | (e.g., COSE [RFC8152]). The choice of PoP key does not | |||
key does not necessarily imply a specific credential type for the | necessarily imply a specific credential type for the integrity | |||
integrity protection of the token. | protection of the token. | |||
Scopes and Permissions: | Scopes and Permissions: | |||
In OAuth 2.0, the client specifies the type of permissions it is | In OAuth 2.0, the client specifies the type of permissions it is | |||
seeking to obtain (via the scope parameter) in the access token | seeking to obtain (via the scope parameter) in the access token | |||
request. In turn, the AS may use the scope response parameter to | request. In turn, the AS may use the scope response parameter to | |||
inform the client of the scope of the access token issued. As the | inform the client of the scope of the access token issued. As the | |||
client could be a constrained device as well, this specification | client could be a constrained device as well, this specification | |||
defines the use of CBOR encoding, see Section 5, for such requests | defines the use of CBOR encoding (see Section 5) for such requests | |||
and responses. | and responses. | |||
The values of the scope parameter in OAuth 2.0 are expressed as a | The values of the scope parameter in OAuth 2.0 are expressed as a | |||
list of space-delimited, case-sensitive strings, with a semantic | list of space-delimited, case-sensitive strings with a semantic | |||
that is well-known to the AS and the RS. More details about the | that is well known to the AS and the RS. More details about the | |||
concept of scopes is found under Section 3.3 in [RFC6749]. | concept of scopes are found under Section 3.3 of [RFC6749]. | |||
Claims: | Claims: | |||
Information carried in the access token or returned from | Information carried in the access token or returned from | |||
introspection, called claims, is in the form of name-value pairs. | introspection, called claims, is in the form of name-value pairs. | |||
An access token may, for example, include a claim identifying the | An access token may, for example, include a claim identifying the | |||
AS that issued the token (via the "iss" claim) and what audience | AS that issued the token (via the "iss" claim) and what audience | |||
the access token is intended for (via the "aud" claim). The | the access token is intended for (via the "aud" claim). The | |||
audience of an access token can be a specific resource or one or | audience of an access token can be a specific resource, one | |||
many resource servers. The resource owner policies influence what | resource, or many resource servers. The resource owner policies | |||
claims are put into the access token by the authorization server. | influence what claims are put into the access token by the | |||
authorization server. | ||||
While the structure and encoding of the access token varies | While the structure and encoding of the access token varies | |||
throughout deployments, a standardized format has been defined | throughout deployments, a standardized format has been defined | |||
with the JSON Web Token (JWT) [RFC7519] where claims are encoded | with the JSON Web Token (JWT) [RFC7519], where claims are encoded | |||
as a JSON object. In [RFC8392] the CBOR Web Token (CWT) has been | as a JSON object. In [RFC8392], the CBOR Web Token (CWT) has been | |||
defined as an equivalent format using CBOR encoding. | defined as an equivalent format using CBOR encoding. | |||
The token and introspection Endpoints: | Token and Introspection Endpoints: | |||
The AS hosts the token endpoint that allows a client to request | The AS hosts the token endpoint that allows a client to request | |||
access tokens. The client makes a POST request to the token | access tokens. The client makes a POST request to the token | |||
endpoint on the AS and receives the access token in the response | endpoint on the AS and receives the access token in the response | |||
(if the request was successful). | (if the request was successful). | |||
In some deployments, a token introspection endpoint is provided by | In some deployments, a token introspection endpoint is provided by | |||
the AS, which can be used by the RS and potentially the client, if | the AS, which can be used by the RS and potentially the client, if | |||
they need to request additional information regarding a received | they need to request additional information regarding a received | |||
access token. The requesting entity makes a POST request to the | access token. The requesting entity makes a POST request to the | |||
introspection endpoint on the AS and receives information about | introspection endpoint on the AS and receives information about | |||
the access token in the response. (See "Introspection" above.) | the access token in the response. (See "Introspection" above.) | |||
3.2. CoAP | 3.2. CoAP | |||
CoAP is an application-layer protocol similar to HTTP, but | CoAP is an application-layer protocol similar to HTTP but | |||
specifically designed for constrained environments. CoAP typically | specifically designed for constrained environments. CoAP typically | |||
uses datagram-oriented transport, such as UDP, where reordering and | uses datagram-oriented transport, such as UDP, where reordering and | |||
loss of packets can occur. A security solution needs to take the | loss of packets can occur. A security solution needs to take the | |||
latter aspects into account. | latter aspects into account. | |||
While HTTP uses headers and query strings to convey additional | While HTTP uses headers and query strings to convey additional | |||
information about a request, CoAP encodes such information into | information about a request, CoAP encodes such information into | |||
header parameters called 'options'. | header parameters called 'options'. | |||
CoAP supports application-layer fragmentation of the CoAP payloads | CoAP supports application-layer fragmentation of the CoAP payloads | |||
through blockwise transfers [RFC7959]. However, blockwise transfer | through block-wise transfers [RFC7959]. However, block-wise transfer | |||
does not increase the size limits of CoAP options, therefore data | does not increase the size limits of CoAP options; therefore, data | |||
encoded in options has to be kept small. | encoded in options has to be kept small. | |||
Transport layer security for CoAP can be provided by DTLS or TLS | Transport layer security for CoAP can be provided by DTLS or TLS | |||
[RFC6347][RFC8446] [I-D.ietf-tls-dtls13]. CoAP defines a number of | [RFC6347] [RFC8446] [RFC9147]. CoAP defines a number of proxy | |||
proxy operations that require transport layer security to be | operations that require transport layer security to be terminated at | |||
terminated at the proxy. One approach for protecting CoAP | the proxy. One approach for protecting CoAP communication end-to-end | |||
communication end-to-end through proxies, and also to support | through proxies, and also to support security for CoAP over a | |||
security for CoAP over a different transport in a uniform way, is to | different transport in a uniform way, is to provide security at the | |||
provide security at the application layer using an object-based | application layer using an object-based security mechanism, such as | |||
security mechanism such as COSE [RFC8152]. | COSE [RFC8152]. | |||
One application of COSE is OSCORE [RFC8613], which provides end-to- | One application of COSE is OSCORE [RFC8613], which provides end-to- | |||
end confidentiality, integrity and replay protection, and a secure | end confidentiality, integrity and replay protection, and a secure | |||
binding between CoAP request and response messages. In OSCORE, the | binding between CoAP request and response messages. In OSCORE, the | |||
CoAP messages are wrapped in COSE objects and sent using CoAP. | CoAP messages are wrapped in COSE objects and sent using CoAP. | |||
In this framework the use of CoAP as replacement for HTTP is | In this framework, the use of CoAP as replacement for HTTP is | |||
RECOMMENDED for use in constrained environments. For communication | RECOMMENDED for use in constrained environments. For communication | |||
security this framework does not make an explicit protocol | security, this framework does not make an explicit protocol | |||
recommendation, since the choice depends on the requirements of the | recommendation, since the choice depends on the requirements of the | |||
specific application. DTLS [RFC6347], [I-D.ietf-tls-dtls13] and | specific application. DTLS [RFC6347] [RFC9147] and OSCORE [RFC8613] | |||
OSCORE [RFC8613] are mentioned as examples, other protocols | are mentioned as examples; other protocols fulfilling the | |||
fulfilling the requirements from Section 6.5 are also applicable. | requirements from Section 6.5 are also applicable. | |||
4. Protocol Interactions | 4. Protocol Interactions | |||
The ACE framework is based on the OAuth 2.0 protocol interactions | The ACE framework is based on the OAuth 2.0 protocol interactions | |||
using the token endpoint and optionally the introspection endpoint. | using the token endpoint and optionally the introspection endpoint. | |||
A client obtains an access token, and optionally a refresh token, | A client obtains an access token, and optionally a refresh token, | |||
from an AS using the token endpoint and subsequently presents the | from an AS using the token endpoint and subsequently presents the | |||
access token to an RS to gain access to a protected resource. In | access token to an RS to gain access to a protected resource. In | |||
most deployments the RS can process the access token locally, however | most deployments, the RS can process the access token locally; | |||
in some cases the RS may present it to the AS via the introspection | however, in some cases, the RS may present it to the AS via the | |||
endpoint to get fresh information. These interactions are shown in | introspection endpoint to get fresh information. These interactions | |||
Figure 1. An overview of various OAuth concepts is provided in | are shown in Figure 1. An overview of various OAuth concepts is | |||
Section 3.1. | provided in Section 3.1. | |||
+--------+ +---------------+ | +--------+ +---------------+ | |||
| |---(A)-- Token Request ------->| | | | |---(A)-- Token Request ------->| | | |||
| | | Authorization | | | | | Authorization | | |||
| |<--(B)-- Access Token ---------| Server | | | |<--(B)-- Access Token ---------| Server | | |||
| | + Access Information | | | | | + Access Information | | | |||
| | + Refresh Token (optional) +---------------+ | | | + Refresh Token (optional) +---------------+ | |||
| | ^ | | | | ^ | | |||
| | Introspection Request (D)| | | | | Introspection Request (D)| | | |||
| Client | Response | |(E) | | Client | Response | |(E) | |||
| | (optional exchange) | | | | | (optional exchange) | | | |||
| | | v | | | | v | |||
| | +--------------+ | | | +--------------+ | |||
| |---(C)-- Token + Request ----->| | | | |---(C)-- Token + Request ----->| | | |||
| | | Resource | | | | | Resource | | |||
| |<--(F)-- Protected Resource ---| Server | | | |<--(F)-- Protected Resource ---| Server | | |||
| | | | | | | | | | |||
+--------+ +--------------+ | +--------+ +--------------+ | |||
Figure 1: Basic Protocol Flow. | Figure 1: Basic Protocol Flow | |||
Requesting an Access Token (A): | Requesting an Access Token (A): | |||
The client makes an access token request to the token endpoint at | The client makes an access token request to the token endpoint at | |||
the AS. This framework assumes the use of PoP access tokens (see | the AS. This framework assumes the use of PoP access tokens (see | |||
Section 3.1 for a short description) wherein the AS binds a key to | Section 3.1 for a short description) wherein the AS binds a key to | |||
an access token. The client may include permissions it seeks to | an access token. The client may include permissions it seeks to | |||
obtain, and information about the credentials it wants to use for | obtain and information about the credentials it wants to use for | |||
proof-of-possession (e.g., symmetric/asymmetric cryptography or a | proof of possession (e.g., symmetric/asymmetric cryptography or a | |||
reference to a specific key) of the access token. | reference to a specific key) of the access token. | |||
Access Token Response (B): | Access Token Response (B): | |||
If the request from the client has been successfully verified, | If the request from the client has been successfully verified, | |||
authenticated, and authorized, the AS returns an access token and | authenticated, and authorized, the AS returns an access token and | |||
optionally a refresh token. Note that only certain grant types | optionally a refresh token. Note that only certain grant types | |||
support refresh tokens. The AS can also return additional | support refresh tokens. The AS can also return additional | |||
parameters, referred to as "Access Information". In addition to | parameters, referred to as "Access Information". In addition to | |||
the response parameters defined by OAuth 2.0 and the PoP access | the response parameters defined by OAuth 2.0 and the PoP access | |||
token extension, this framework defines parameters that can be | token extension, this framework defines parameters that can be | |||
used to inform the client about capabilities of the RS, e.g. the | used to inform the client about capabilities of the RS, e.g., the | |||
profile the RS supports. More information about these parameters | profile the RS supports. More information about these parameters | |||
can be found in Section 5.8.4. | can be found in Section 5.8.4. | |||
Resource Request (C): | Resource Request (C): | |||
The client interacts with the RS to request access to the | The client interacts with the RS to request access to the | |||
protected resource and provides the access token. The protocol to | protected resource and provides the access token. The protocol to | |||
use between the client and the RS is not restricted to CoAP. | use between the client and the RS is not restricted to CoAP. | |||
HTTP, HTTP/2 [RFC7540], QUIC [I-D.ietf-quic-transport], MQTT | HTTP, HTTP/2 [RFC7540], QUIC [RFC9000], MQTT [MQTT5.0], Bluetooth | |||
[MQTT5.0], Bluetooth Low Energy [BLE], etc., are also viable | Low Energy [BLE], etc., are also viable candidates. | |||
candidates. | ||||
Depending on the device limitations and the selected protocol, | Depending on the device limitations and the selected protocol, | |||
this exchange may be split up into two parts: | this exchange may be split up into two parts: | |||
(1) the client sends the access token containing, or | (1) the client sends the access token containing, or referencing, | |||
referencing, the authorization information to the RS, that will | the authorization information to the RS that will be used for | |||
be used for subsequent resource requests by the client, and | subsequent resource requests by the client, and | |||
(2) the client makes the resource access request, using the | (2) the client makes the resource access request using the | |||
communication security protocol and other Access Information | communication security protocol and other Access Information | |||
obtained from the AS. | obtained from the AS. | |||
The client and the RS mutually authenticate using the security | The client and the RS mutually authenticate using the security | |||
protocol specified in the profile (see step B) and the keys | protocol specified in the profile (see step (B)) and the keys | |||
obtained in the access token or the Access Information. The RS | obtained in the access token or the Access Information. The RS | |||
verifies that the token is integrity protected and originated by | verifies that the token is integrity protected and originated by | |||
the AS. It then compares the claims contained in the access token | the AS. It then compares the claims contained in the access token | |||
with the resource request. If the RS is online, validation can be | with the resource request. If the RS is online, validation can be | |||
handed over to the AS using token introspection (see messages D | handed over to the AS using token introspection (see messages (D) | |||
and E) over HTTP or CoAP. | and (E)) over HTTP or CoAP. | |||
Token Introspection Request (D): | Token Introspection Request (D): | |||
A resource server may be configured to introspect the access token | A resource server may be configured to introspect the access token | |||
by including it in a request to the introspection endpoint at that | by including it in a request to the introspection endpoint at that | |||
AS. Token introspection over CoAP is defined in Section 5.9 and | AS. Token introspection over CoAP is defined in Section 5.9 and | |||
for HTTP in [RFC7662]. | for HTTP in [RFC7662]. | |||
Note that token introspection is an optional step and can be | Note that token introspection is an optional step and can be | |||
omitted if the token is self-contained and the resource server is | omitted if the token is self-contained and the resource server is | |||
prepared to perform the token validation on its own. | prepared to perform the token validation on its own. | |||
Token Introspection Response (E): | Token Introspection Response (E): | |||
The AS validates the token and returns the most recent parameters, | The AS validates the token and returns the most recent parameters, | |||
such as scope, audience, validity etc. associated with it back to | such as scope, audience, validity, etc., associated with it back | |||
the RS. The RS then uses the received parameters to process the | to the RS. The RS then uses the received parameters to process | |||
request to either accept or to deny it. | the request to either accept or to deny it. | |||
Protected Resource (F): | Protected Resource (F): | |||
If the request from the client is authorized, the RS fulfills the | If the request from the client is authorized, the RS fulfills the | |||
request and returns a response with the appropriate response code. | request and returns a response with the appropriate response code. | |||
The RS uses the dynamically established keys to protect the | The RS uses the dynamically established keys to protect the | |||
response, according to the communication security protocol used. | response according to the communication security protocol used. | |||
The OAuth 2.0 framework defines a number of "protocol flows" via | The OAuth 2.0 framework defines a number of "protocol flows" via | |||
grant types, which have been extended further with extensions to | grant types, which have been extended further with extensions to | |||
OAuth 2.0 (such as [RFC7521] and [RFC8628]). What grant type works | OAuth 2.0 (such as [RFC7521] and [RFC8628]). What grant type works | |||
best depends on the usage scenario and [RFC7744] describes many | best depends on the usage scenario; [RFC7744] describes many | |||
different IoT use cases but there are two grant types that cover a | different IoT use cases, but there are two grant types that cover a | |||
majority of these scenarios, namely the Authorization Code Grant | majority of these scenarios, namely the authorization code grant | |||
(described in Section 4.1 of [RFC7521]) and the Client Credentials | (described in Section 4.1 of [RFC7521]) and the client credentials | |||
Grant (described in Section 4.4 of [RFC7521]). The Authorization | grant (described in Section 4.4 of [RFC6749]). The authorization | |||
Code Grant is a good fit for use with apps running on smart phones | code grant is a good fit for use with apps running on smartphones and | |||
and tablets that request access to IoT devices, a common scenario in | tablets that request access to IoT devices, a common scenario in the | |||
the smart home environment, where users need to go through an | smart home environment, where users need to go through an | |||
authentication and authorization phase (at least during the initial | authentication and authorization phase (at least during the initial | |||
setup phase). The native apps guidelines described in [RFC8252] are | setup phase). The native apps guidelines described in [RFC8252] are | |||
applicable to this use case. The Client Credential Grant is a good | applicable to this use case. The client credentials grant is a good | |||
fit for use with IoT devices where the OAuth client itself is | fit for use with IoT devices where the OAuth client itself is | |||
constrained. In such a case, the resource owner has pre-arranged | constrained. In such a case, the resource owner has prearranged | |||
access rights for the client with the authorization server, which is | access rights for the client with the authorization server, which is | |||
often accomplished using a commissioning tool. | often accomplished using a commissioning tool. | |||
The consent of the resource owner, for giving a client access to a | The consent of the resource owner, for giving a client access to a | |||
protected resource, can be provided dynamically as in the traditional | protected resource, can be provided dynamically as in the traditional | |||
OAuth flows, or it could be pre-configured by the resource owner as | OAuth flows, or it could be preconfigured by the resource owner as | |||
authorization policies at the AS, which the AS evaluates when a token | authorization policies at the AS, which the AS evaluates when a token | |||
request arrives. The resource owner and the requesting party (i.e., | request arrives. The resource owner and the requesting party (i.e., | |||
client owner) are not shown in Figure 1. | client owner) are not shown in Figure 1. | |||
This framework supports a wide variety of communication security | This framework supports a wide variety of communication security | |||
mechanisms between the ACE entities, such as client, AS, and RS. It | mechanisms between the ACE entities, such as the client, AS, and RS. | |||
is assumed that the client has been registered (also called enrolled | It is assumed that the client has been registered (also called | |||
or onboarded) to an AS using a mechanism defined outside the scope of | enrolled or onboarded) to an AS using a mechanism defined outside the | |||
this document. In practice, various techniques for onboarding have | scope of this document. In practice, various techniques for | |||
been used, such as factory-based provisioning or the use of | onboarding have been used, such as factory-based provisioning or the | |||
commissioning tools. Regardless of the onboarding technique, this | use of commissioning tools. Regardless of the onboarding technique, | |||
provisioning procedure implies that the client and the AS exchange | this provisioning procedure implies that the client and the AS | |||
credentials and configuration parameters. These credentials are used | exchange credentials and configuration parameters. These credentials | |||
to mutually authenticate each other and to protect messages exchanged | are used to mutually authenticate each other and to protect messages | |||
between the client and the AS. | exchanged between the client and the AS. | |||
It is also assumed that the RS has been registered with the AS, | It is also assumed that the RS has been registered with the AS, | |||
potentially in a similar way as the client has been registered with | potentially in a similar way as the client has been registered with | |||
the AS. Established keying material between the AS and the RS allows | the AS. Established keying material between the AS and the RS allows | |||
the AS to apply cryptographic protection to the access token to | the AS to apply cryptographic protection to the access token to | |||
ensure that its content cannot be modified, and if needed, that the | ensure that its content cannot be modified and, if needed, that the | |||
content is confidentiality protected. Confidentiality protection of | content is confidentiality protected. Confidentiality protection of | |||
the access token content would be provided on top of confidentiality | the access token content would be provided on top of confidentiality | |||
protection via a communication security protocol. | protection via a communication security protocol. | |||
The keying material necessary for establishing communication security | The keying material necessary for establishing communication security | |||
between C and RS is dynamically established as part of the protocol | between the C and RS is dynamically established as part of the | |||
described in this document. | protocol described in this document. | |||
At the start of the protocol, there is an optional discovery step | At the start of the protocol, there is an optional discovery step | |||
where the client discovers the resource server and the resources this | where the client discovers the resource server and the resources this | |||
server hosts. In this step, the client might also determine what | server hosts. In this step, the client might also determine what | |||
permissions are needed to access the protected resource. A generic | permissions are needed to access the protected resource. A generic | |||
procedure is described in Section 5.1; profiles MAY define other | procedure is described in Section 5.1; profiles MAY define other | |||
procedures for discovery. | procedures for discovery. | |||
In Bluetooth Low Energy, for example, advertisements are broadcast by | In Bluetooth Low Energy, for example, advertisements are broadcast by | |||
a peripheral, including information about the primary services. In | a peripheral, including information about the primary services. In | |||
CoAP, as a second example, a client can make a request to "/.well- | CoAP, as a second example, a client can make a request to "/.well- | |||
known/core" to obtain information about available resources, which | known/core" to obtain information about available resources, which | |||
are returned in a standardized format as described in [RFC6690]. | are returned in a standardized format, as described in [RFC6690]. | |||
5. Framework | 5. Framework | |||
The following sections detail the profiling and extensions of OAuth | The following sections detail the profiling and extensions of OAuth | |||
2.0 for constrained environments, which constitutes the ACE | 2.0 for constrained environments, which constitutes the ACE | |||
framework. | framework. | |||
Credential Provisioning | Credential Provisioning | |||
In constrained environments it cannot be assumed that the client | In constrained environments, it cannot be assumed that the client | |||
and the RS are part of a common key infrastructure. Therefore, | and the RS are part of a common key infrastructure. Therefore, | |||
the AS provisions credentials and associated information to allow | the AS provisions credentials and associated information to allow | |||
mutual authentication between the client and the RS. The | mutual authentication between the client and the RS. The | |||
resulting security association between the client and the RS may | resulting security association between the client and the RS may | |||
then also be used to bind these credentials to the access tokens | then also be used to bind these credentials to the access tokens | |||
the client uses. | the client uses. | |||
Proof-of-Possession | Proof of Possession | |||
The ACE framework, by default, implements proof-of-possession for | The ACE framework, by default, implements proof of possession for | |||
access tokens, i.e., that the token holder can prove being a | access tokens, i.e., that the token holder can prove being a | |||
holder of the key bound to the token. The binding is provided by | holder of the key bound to the token. The binding is provided by | |||
the "cnf" claim [RFC8747] indicating what key is used for proof- | the "cnf" (confirmation) claim [RFC8747], indicating what key is | |||
of-possession. If a client needs to submit a new access token, | used for proof of possession. If a client needs to submit a new | |||
e.g., to obtain additional access rights, they can request that | access token, e.g., to obtain additional access rights, they can | |||
the AS binds this token to the same key as the previous one. | request that the AS binds this token to the same key as the | |||
previous one. | ||||
ACE Profiles | ACE Profiles | |||
The client or RS may be limited in the encodings or protocols it | The client or RS may be limited in the encodings or protocols it | |||
supports. To support a variety of different deployment settings, | supports. To support a variety of different deployment settings, | |||
specific interactions between client and RS are defined in an ACE | specific interactions between the client and RS are defined in an | |||
profile. In ACE framework the AS is expected to manage the | ACE profile. In the ACE framework, the AS is expected to manage | |||
matching of compatible profile choices between a client and an RS. | the matching of compatible profile choices between a client and an | |||
The AS informs the client of the selected profile using the | RS. The AS informs the client of the selected profile using the | |||
"ace_profile" parameter in the token response. | "ace_profile" parameter in the token response. | |||
OAuth 2.0 requires the use of TLS both to protect the communication | OAuth 2.0 requires the use of TLS to protect the communication | |||
between AS and client when requesting an access token; between client | between the AS and client when requesting an access token between the | |||
and RS when accessing a resource and between AS and RS if | client and RS when accessing a resource and between the AS and RS if | |||
introspection is used. In constrained settings TLS is not always | introspection is used. In constrained settings, TLS is not always | |||
feasible, or desirable. Nevertheless it is REQUIRED that the | feasible or desirable. Nevertheless, it is REQUIRED that the | |||
communications named above are encrypted, integrity protected and | communications named above are encrypted, integrity protected, and | |||
protected against message replay. It is also REQUIRED that the | protected against message replay. It is also REQUIRED that the | |||
communicating endpoints perform mutual authentication. Furthermore | communicating endpoints perform mutual authentication. Furthermore, | |||
it MUST be assured that responses are bound to the requests in the | it MUST be assured that responses are bound to the requests in the | |||
sense that the receiver of a response can be certain that the | sense that the receiver of a response can be certain that the | |||
response actually belongs to a certain request. Note that setting up | response actually belongs to a certain request. Note that setting up | |||
such a secure communication may require some unprotected messages to | such a secure communication may require some unprotected messages to | |||
be exchanged first (e.g. sending the token from the client to the | be exchanged first (e.g., sending the token from the client to the | |||
RS). | RS). | |||
Profiles MUST specify a communication security protocol between | Profiles MUST specify a communication security protocol between the | |||
client and RS that provides the features required above. Profiles | client and RS that provides the features required above. Profiles | |||
MUST specify a communication security protocol RECOMMENDED to be used | MUST specify a communication security protocol RECOMMENDED to be used | |||
between client and AS that provides the features required above. | between the client and AS that provides the features required above. | |||
Profiles MUST specify for introspection a communication security | Profiles MUST specify, for introspection, a communication security | |||
protocol RECOMMENDED to be used between RS and AS that provides the | protocol RECOMMENDED to be used between the RS and AS that provides | |||
features required above. These recommendations enable | the features required above. These recommendations enable | |||
interoperability between different implementations without the need | interoperability between different implementations without the need | |||
to define a new profile if the communication between C and AS, or | to define a new profile if the communication between the C and AS, or | |||
between RS and AS, is protected with a different security protocol | between the RS and AS, is protected with a different security | |||
complying with the security requirements above. | protocol complying with the security requirements above. | |||
In OAuth 2.0 the communication with the Token and the Introspection | In OAuth 2.0, the communication with the Token and the Introspection | |||
endpoints at the AS is assumed to be via HTTP and may use Uri-query | endpoints at the AS is assumed to be via HTTP and may use Uri-query | |||
parameters. When profiles of this framework use CoAP instead, it is | parameters. When profiles of this framework use CoAP instead, it is | |||
REQUIRED to use of the following alternative instead of Uri-query | REQUIRED to use of the following alternative instead of Uri-query | |||
parameters: The sender (client or RS) encodes the parameters of its | parameters: The sender (client or RS) encodes the parameters of its | |||
request as a CBOR map and submits that map as the payload of the POST | request as a CBOR map and submits that map as the payload of the POST | |||
request. The CBOR encoding for a number of OAuth 2.0 parameters is | request. The CBOR encoding for a number of OAuth 2.0 parameters is | |||
specified in this document, if a profile needs to use other OAuth 2.0 | specified in this document; if a profile needs to use other OAuth 2.0 | |||
parameters with CoAP it MUST specify their CBOR encoding. | parameters with CoAP, it MUST specify their CBOR encoding. | |||
Profiles that use CBOR encoding of protocol message parameters at the | Profiles that use CBOR encoding of protocol message parameters at the | |||
outermost encoding layer MUST use the content format 'application/ | outermost encoding layer MUST use the Content-Format "application/ | |||
ace+cbor'. If CoAP is used for communication, the Content-Format | ace+cbor". If CoAP is used for communication, the Content-Format | |||
MUST be abbreviated with the ID: 19 (see Section 8.16). | MUST be abbreviated with the ID: 19 (see Section 8.16). | |||
The OAuth 2.0 AS uses a JSON structure in the payload of its | The OAuth 2.0 AS uses a JSON structure in the payload of its | |||
responses both to client and RS. If CoAP is used, it is REQUIRED to | responses both to the client and RS. If CoAP is used, it is REQUIRED | |||
use CBOR [RFC8949] instead of JSON. Depending on the profile, the | to use CBOR [RFC8949] instead of JSON. Depending on the profile, the | |||
CBOR payload MAY be enclosed in a non-CBOR cryptographic wrapper. | CBOR payload MAY be enclosed in a non-CBOR cryptographic wrapper. | |||
5.1. Discovering Authorization Servers | 5.1. Discovering Authorization Servers | |||
C must discover the AS in charge of RS to determine where to request | The C must discover the AS in charge of the RS to determine where to | |||
the access token. To do so, C must 1. find out the AS URI to which | request the access token. To do so, the C 1) must find out the AS | |||
the token request message must be sent and 2. MUST validate that the | URI to which the token request message must be sent and 2) MUST | |||
AS with this URI is authorized to provide access tokens for this RS. | validate that the AS with this URI is authorized to provide access | |||
tokens for this RS. | ||||
In order to determine the AS URI, C MAY send an initial Unauthorized | In order to determine the AS URI, the C MAY send an initial | |||
Resource Request message to RS. RS then denies the request and sends | Unauthorized Resource Request message to the RS. The RS then denies | |||
the address of its AS back to C (see Section 5.2). How C validates | the request and sends the address of its AS back to the C (see | |||
the AS authorization is not in scope for this document. C may, e.g., | Section 5.2). How the C validates the AS authorization is not in | |||
ask its owner if this AS is authorized for this RS. C may also use a | scope for this document. The C may, for example, ask its owner if | |||
mechanism that addresses both problems at once (e.g. by querying a | this AS is authorized for this RS. The C may also use a mechanism | |||
dedicated secure service provided by the client owner) . | that addresses both problems at once (e.g., by querying a dedicated | |||
secure service provided by the client owner) . | ||||
5.2. Unauthorized Resource Request Message | 5.2. Unauthorized Resource Request Message | |||
An Unauthorized Resource Request message is a request for any | An Unauthorized Resource Request message is a request for any | |||
resource hosted by RS for which the client does not have | resource hosted by the RS for which the client does not have | |||
authorization granted. RSes MUST treat any request for a protected | authorization granted. The RSs MUST treat any request for a | |||
resource as an Unauthorized Resource Request message when any of the | protected resource as an Unauthorized Resource Request message when | |||
following hold: | any of the following hold: | |||
* The request has been received on an unsecured channel. | * The request has been received on an unsecured channel. | |||
* The RS has no valid access token for the sender of the request | * The RS has no valid access token for the sender of the request | |||
regarding the requested action on that resource. | regarding the requested action on that resource. | |||
* The RS has a valid access token for the sender of the request, but | * The RS has a valid access token for the sender of the request, but | |||
that token does not authorize the requested action on the | that token does not authorize the requested action on the | |||
requested resource. | requested resource. | |||
Note: These conditions ensure that the RS can handle requests | Note: These conditions ensure that the RS can handle requests | |||
autonomously once access was granted and a secure channel has been | autonomously once access was granted and a secure channel has been | |||
established between C and RS. The authz-info endpoint, as part of | established between the C and RS. The authz-info endpoint, as part | |||
the process for authorizing to protected resources, is not itself a | of the process for authorizing to protected resources, is not itself | |||
protected resource and MUST NOT be protected as specified above (cf. | a protected resource and MUST NOT be protected as specified above | |||
Section 5.10.1). | (cf. Section 5.10.1). | |||
Unauthorized Resource Request messages MUST be denied with an | Unauthorized Resource Request messages MUST be denied with an | |||
"unauthorized_client" error response. In this response, the Resource | "unauthorized_client" error response. In this response, the resource | |||
Server SHOULD provide proper "AS Request Creation Hints" to enable | server SHOULD provide proper "AS Request Creation Hints" to enable | |||
the client to request an access token from RS's AS as described in | the client to request an access token from the RS's AS, as described | |||
Section 5.3. | in Section 5.3. | |||
The handling of all client requests (including unauthorized ones) by | The handling of all client requests (including unauthorized ones) by | |||
the RS is described in Section 5.10.2. | the RS is described in Section 5.10.2. | |||
5.3. AS Request Creation Hints | 5.3. AS Request Creation Hints | |||
The "AS Request Creation Hints" message is sent by an RS as a | The "AS Request Creation Hints" message is sent by an RS as a | |||
response to an Unauthorized Resource Request message (see | response to an Unauthorized Resource Request message (see | |||
Section 5.2) to help the sender of the Unauthorized Resource Request | Section 5.2) to help the sender of the Unauthorized Resource Request | |||
message acquire a valid access token. The "AS Request Creation | message acquire a valid access token. The "AS Request Creation | |||
Hints" message is a CBOR or JSON map, with an OPTIONAL element "AS" | Hints" message is a CBOR or JSON map, with an OPTIONAL element "AS" | |||
specifying an absolute URI (see Section 4.3 of [RFC3986]) that | specifying an absolute URI (see Section 4.3 of [RFC3986]) that | |||
identifies the appropriate AS for the RS. | identifies the appropriate AS for the RS. | |||
The message can also contain the following OPTIONAL parameters: | The message can also contain the following OPTIONAL parameters: | |||
* A "audience" element contains an identifier the client should | * An "audience" element contains an identifier the client should | |||
request at the AS, as suggested by the RS. With this parameter, | request at the AS, as suggested by the RS. With this parameter, | |||
when included in the access token request to the AS, the AS is | when included in the access token request to the AS, the AS is | |||
able to restrict the use of access token to specific RSs. See | able to restrict the use of the access token to specific RSs. See | |||
Section 6.9 for a discussion of this parameter. | Section 6.9 for a discussion of this parameter. | |||
* A "kid" element containing the key identifier of a key used in an | * A "kid" (key identifier) element contains the key identifier of a | |||
existing security association between the client and the RS. The | key used in an existing security association between the client | |||
RS expects the client to request an access token bound to this | and the RS. The RS expects the client to request an access token | |||
key, in order to avoid having to re-establish the security | bound to this key in order to avoid having to reestablish the | |||
association. | security association. | |||
* A "cnonce" element containing a client-nonce. See Section 5.3.1. | * A "cnonce" element contains a client-nonce. See Section 5.3.1. | |||
* A "scope" element containing the suggested scope that the client | * A "scope" element contains the suggested scope that the client | |||
should request towards the AS. | should request towards the AS. | |||
Figure 2 summarizes the parameters that may be part of the "AS | Table 1 summarizes the parameters that may be part of the "AS Request | |||
Request Creation Hints". | Creation Hints". | |||
/-----------+----------+---------------------\ | +==========+==========+=====================+ | |||
| Name | CBOR Key | Value Type | | | Name | CBOR Key | Value Type | | |||
|-----------+----------+---------------------| | +==========+==========+=====================+ | |||
| AS | 1 | text string | | | AS | 1 | text string | | |||
| kid | 2 | byte string | | +----------+----------+---------------------+ | |||
| audience | 5 | text string | | | kid | 2 | byte string | | |||
| scope | 9 | text or byte string | | +----------+----------+---------------------+ | |||
| cnonce | 39 | byte string | | | audience | 5 | text string | | |||
\-----------+----------+---------------------/ | +----------+----------+---------------------+ | |||
| scope | 9 | text or byte string | | ||||
+----------+----------+---------------------+ | ||||
| cnonce | 39 | byte string | | ||||
+----------+----------+---------------------+ | ||||
Figure 2: AS Request Creation Hints | Table 1: AS Request Creation Hints | |||
Note that the schema part of the AS parameter may need to be adapted | Note that the schema part of the AS parameter may need to be adapted | |||
to the security protocol that is used between the client and the AS. | to the security protocol that is used between the client and the AS. | |||
Thus the example AS value "coap://as.example.com/token" might need to | Thus, the example AS value "coap://as.example.com/token" might need | |||
be transformed to "coaps://as.example.com/token". It is assumed that | to be transformed to "coaps://as.example.com/token". It is assumed | |||
the client can determine the correct schema part on its own depending | that the client can determine the correct schema part on its own | |||
on the way it communicates with the AS. | depending on the way it communicates with the AS. | |||
Figure 3 shows an example for an "AS Request Creation Hints" message | Figure 2 shows an example for an "AS Request Creation Hints" message | |||
payload using CBOR [RFC8949] diagnostic notation, using the parameter | payload using CBOR [RFC8949] diagnostic notation, using the parameter | |||
names instead of the CBOR keys for better human readability. | names instead of the CBOR keys for better human readability. | |||
4.01 Unauthorized | 4.01 Unauthorized | |||
Content-Format: application/ace+cbor | Content-Format: application/ace+cbor | |||
Payload : | Payload : | |||
{ | { | |||
"AS" : "coaps://as.example.com/token", | "AS" : "coaps://as.example.com/token", | |||
"audience" : "coaps://rs.example.com" | "audience" : "coaps://rs.example.com" | |||
"scope" : "rTempC", | "scope" : "rTempC", | |||
"cnonce" : h'e0a156bb3f' | "cnonce" : h'e0a156bb3f' | |||
} | } | |||
Figure 3: AS Request Creation Hints payload example | Figure 2: AS Request Creation Hints Payload Example | |||
In the example above, the response parameter "AS" points the receiver | In the example above, the response parameter "AS" points the receiver | |||
of this message to the URI "coaps://as.example.com/token" to request | of this message to the URI "coaps://as.example.com/token" to request | |||
access tokens. The RS sending this response uses an internal clock | access tokens. The RS sending this response uses an internal clock | |||
that is not synchronized with the clock of the AS. Therefore, it can | that is not synchronized with the clock of the AS. Therefore, it | |||
not reliably verify the expiration time of access tokens it receives. | cannot reliably verify the expiration time of access tokens it | |||
To ensure a certain level of access token freshness nevertheless, the | receives. Nevertheless, to ensure a certain level of access token | |||
RS has included a "cnonce" parameter (see Section 5.3.1) in the | freshness, the RS has included a cnonce parameter (see Section 5.3.1) | |||
response. (The hex-sequence of the cnonce parameter is encoded in | in the response. (The hex sequence of the cnonce parameter is | |||
CBOR-based notation in this example.) | encoded in CBOR-based notation in this example.) | |||
Figure 4 illustrates the mandatory to use binary encoding of the | ||||
message payload shown in Figure 3. | Figure 3 illustrates the mandatory use of binary encoding of the | |||
message payload shown in Figure 2. | ||||
a4 # map(4) | a4 # map(4) | |||
01 # unsigned(1) (=AS) | 01 # unsigned(1) (=AS) | |||
78 1c # text(28) | 78 1c # text(28) | |||
636f6170733a2f2f61732e657861 | 636f6170733a2f2f61732e657861 | |||
6d706c652e636f6d2f746f6b656e # "coaps://as.example.com/token" | 6d706c652e636f6d2f746f6b656e # "coaps://as.example.com/token" | |||
05 # unsigned(5) (=audience) | 05 # unsigned(5) (=audience) | |||
76 # text(22) | 76 # text(22) | |||
636f6170733a2f2f72732e657861 | 636f6170733a2f2f72732e657861 | |||
6d706c652e636f6d # "coaps://rs.example.com" | 6d706c652e636f6d # "coaps://rs.example.com" | |||
09 # unsigned(9) (=scope) | 09 # unsigned(9) (=scope) | |||
66 # text(6) | 66 # text(6) | |||
7254656d7043 # "rTempC" | 7254656d7043 # "rTempC" | |||
18 27 # unsigned(39) (=cnonce) | 18 27 # unsigned(39) (=cnonce) | |||
45 # bytes(5) | 45 # bytes(5) | |||
e0a156bb3f # | e0a156bb3f # | |||
Figure 4: AS Request Creation Hints example encoded in CBOR | Figure 3: AS Request Creation Hints Example Encoded in CBOR | |||
5.3.1. The Client-Nonce Parameter | 5.3.1. The Client-Nonce Parameter | |||
If the RS does not synchronize its clock with the AS, it could be | If the RS does not synchronize its clock with the AS, it could be | |||
tricked into accepting old access tokens, that are either expired or | tricked into accepting old access tokens that are either expired or | |||
have been compromised. In order to ensure some level of token | have been compromised. In order to ensure some level of token | |||
freshness in that case, the RS can use the "cnonce" (client-nonce) | freshness in that case, the RS can use the "cnonce" (client-nonce) | |||
parameter. The processing requirements for this parameter are as | parameter. The processing requirements for this parameter are as | |||
follows: | follows: | |||
* An RS sending a "cnonce" parameter in an "AS Request Creation | * An RS sending a "cnonce" parameter in an "AS Request Creation | |||
Hints" message MUST store information to validate that a given | Hints" message MUST store information to validate that a given | |||
cnonce is fresh. How this is implemented internally is out of | cnonce is fresh. How this is implemented internally is out of | |||
scope for this specification. Expiration of client-nonces should | scope for this specification. Expiration of client-nonces should | |||
be based roughly on the time it would take a client to obtain an | be based roughly on the time it would take a client to obtain an | |||
skipping to change at page 20, line 11 ¶ | skipping to change at line 902 ¶ | |||
* If an AS grants an access token request containing a "cnonce" | * If an AS grants an access token request containing a "cnonce" | |||
parameter, it MUST include this value in the access token, using | parameter, it MUST include this value in the access token, using | |||
the "cnonce" claim specified in Section 5.10. | the "cnonce" claim specified in Section 5.10. | |||
* An RS that is using the client-nonce mechanism and that receives | * An RS that is using the client-nonce mechanism and that receives | |||
an access token MUST verify that this token contains a cnonce | an access token MUST verify that this token contains a cnonce | |||
claim, with a client-nonce value that is fresh according to the | claim, with a client-nonce value that is fresh according to the | |||
information stored at the first step above. If the cnonce claim | information stored at the first step above. If the cnonce claim | |||
is not present or if the cnonce claim value is not fresh, the RS | is not present or if the cnonce claim value is not fresh, the RS | |||
MUST discard the access token. If this was an interaction with | MUST discard the access token. If this was an interaction with | |||
the authz-info endpoint the RS MUST also respond with an error | the authz-info endpoint, the RS MUST also respond with an error | |||
message using a response code equivalent to the CoAP code 4.01 | message using a response code equivalent to the CoAP code 4.01 | |||
(Unauthorized). | (Unauthorized). | |||
5.4. Authorization Grants | 5.4. Authorization Grants | |||
To request an access token, the client obtains authorization from the | To request an access token, the client obtains authorization from the | |||
resource owner or uses its client credentials as a grant. The | resource owner or uses its client credentials as a grant. The | |||
authorization is expressed in the form of an authorization grant. | authorization is expressed in the form of an authorization grant. | |||
The OAuth framework [RFC6749] defines four grant types. The grant | The OAuth framework [RFC6749] defines four grant types. The grant | |||
types can be split up into two groups, those granted on behalf of the | types can be split up into two groups: those granted on behalf of the | |||
resource owner (password, authorization code, implicit) and those for | resource owner (password, authorization code, implicit) and those for | |||
the client (client credentials). Further grant types have been added | the client (client credentials). Further grant types have been added | |||
later, such as [RFC7521] defining an assertion-based authorization | later, such as an assertion-based authorization grant defined in | |||
grant. | [RFC7521]. | |||
The grant type is selected depending on the use case. In cases where | The grant type is selected depending on the use case. In cases where | |||
the client acts on behalf of the resource owner, the authorization | the client acts on behalf of the resource owner, the authorization | |||
code grant is recommended. If the client acts on behalf of the | code grant is recommended. If the client acts on behalf of the | |||
resource owner, but does not have any display or has very limited | resource owner but does not have any display or has very limited | |||
interaction possibilities, it is recommended to use the device code | interaction possibilities, it is recommended to use the device code | |||
grant defined in [RFC8628]. In cases where the client acts | grant defined in [RFC8628]. In cases where the client acts | |||
autonomously the client credentials grant is recommended. | autonomously, the client credentials grant is recommended. | |||
For details on the different grant types, see section 1.3 of | For details on the different grant types, see Section 1.3 of | |||
[RFC6749]. The OAuth 2.0 framework provides an extension mechanism | [RFC6749]. The OAuth 2.0 framework provides an extension mechanism | |||
for defining additional grant types, so profiles of this framework | for defining additional grant types, so profiles of this framework | |||
MAY define additional grant types, if needed. | MAY define additional grant types, if needed. | |||
5.5. Client Credentials | 5.5. Client Credentials | |||
Authentication of the client is mandatory independent of the grant | Authentication of the client is mandatory independent of the grant | |||
type when requesting an access token from the token endpoint. In the | type when requesting an access token from the token endpoint. In the | |||
case of the client credentials grant type, the authentication and | case of the client credentials grant type, the authentication and | |||
grant coincide. | grant coincide. | |||
Client registration and provisioning of client credentials to the | Client registration and provisioning of client credentials to the | |||
client is out of scope for this specification. | client is out of scope for this specification. | |||
The OAuth framework defines one client credential type in section | The OAuth framework defines two client credential types in | |||
2.3.1 of [RFC6749]: client id and client secret. | Section 2.3.1 of [RFC6749]: client id and client secret. | |||
[I-D.erdtman-ace-rpcc] adds raw-public-key and pre-shared-key to the | [OAUTH-RPCC] adds raw public key and pre-shared key to the client | |||
client credentials types. Profiles of this framework MAY extend with | credentials types. Profiles of this framework MAY extend with an | |||
an additional client credentials type using client certificates. | additional client credentials type using client certificates. | |||
5.6. AS Authentication | 5.6. AS Authentication | |||
The client credential grant does not, by default, authenticate the AS | The client credentials grant does not, by default, authenticate the | |||
that the client connects to. In classic OAuth, the AS is | AS that the client connects to. In classic OAuth, the AS is | |||
authenticated with a TLS server certificate. | authenticated with a TLS server certificate. | |||
Profiles of this framework MUST specify how clients authenticate the | Profiles of this framework MUST specify how clients authenticate the | |||
AS and how communication security is implemented. By default, server | AS and how communication security is implemented. By default, server | |||
side TLS certificates, as defined by OAuth 2.0, are required. | side TLS certificates, as defined by OAuth 2.0, are required. | |||
5.7. The Authorization Endpoint | 5.7. The Authorization Endpoint | |||
The OAuth 2.0 authorization endpoint is used to interact with the | The OAuth 2.0 authorization endpoint is used to interact with the | |||
resource owner and obtain an authorization grant, in certain grant | resource owner and obtain an authorization grant in certain grant | |||
flows. The primary use case for the ACE-OAuth framework is for | flows. The primary use case for the ACE-OAuth framework is for | |||
machine-to-machine interactions that do not involve the resource | machine-to-machine interactions that do not involve the resource | |||
owner in the authorization flow; therefore, this endpoint is out of | owner in the authorization flow; therefore, this endpoint is out of | |||
scope here. Future profiles may define constrained adaptation | scope here. Future profiles may define constrained adaptation | |||
mechanisms for this endpoint as well. Non-constrained clients | mechanisms for this endpoint as well. Nonconstrained clients | |||
interacting with constrained resource servers can use the | interacting with constrained resource servers can use the | |||
specification in section 3.1 of [RFC6749] and the attack | specification in Section 3.1 of [RFC6749] and the attack | |||
countermeasures suggested in section 4.2 of [RFC6819]. | countermeasures suggested in Section 4.2 of [RFC6819]. | |||
5.8. The Token Endpoint | 5.8. The Token Endpoint | |||
In standard OAuth 2.0, the AS provides the token endpoint for | In standard OAuth 2.0, the AS provides the token endpoint for | |||
submitting access token requests. This framework extends the | submitting access token requests. This framework extends the | |||
functionality of the token endpoint, giving the AS the possibility to | functionality of the token endpoint, giving the AS the possibility to | |||
help the client and RS to establish shared keys or to exchange their | help the client and RS establish shared keys or exchange their public | |||
public keys. Furthermore, this framework defines encodings using | keys. Furthermore, this framework defines encodings using CBOR as a | |||
CBOR, as a substitute for JSON. | substitute for JSON. | |||
The endpoint may also be exposed over HTTPS as in classical OAuth or | The endpoint may also be exposed over HTTPS, as in classical OAuth or | |||
even other transports. A profile MUST define the details of the | even other transports. A profile MUST define the details of the | |||
mapping between the fields described below, and these transports. If | mapping between the fields described below and these transports. If | |||
HTTPS is used, the semantics of Sections 4.1.3 and 4.1.4 of the OAuth | HTTPS with JSON is used, the semantics of Sections 4.1.3 and 4.1.4 of | |||
2.0 specification MUST be followed (with additions as described | the OAuth 2.0 specification [RFC6749] MUST be followed (with | |||
below). If the CoAP is some other transport with CBOR payload format | additions as described below). If CBOR is used as the payload | |||
is supported, the semantics described in this section MUST be | format, the semantics described in this section MUST be followed. | |||
followed. | ||||
For the AS to be able to issue a token, the client MUST be | For the AS to be able to issue a token, the client MUST be | |||
authenticated and present a valid grant for the scopes requested. | authenticated and present a valid grant for the scopes requested. | |||
Profiles of this framework MUST specify how the AS authenticates the | Profiles of this framework MUST specify how the AS authenticates the | |||
client and how the communication between client and AS is protected, | client and how the communication between the client and AS is | |||
fulfilling the requirements specified in Section 5. | protected, fulfilling the requirements specified in Section 5. | |||
The default name of this endpoint in an url-path SHOULD be '/token'. | The default name of this endpoint in a url-path SHOULD be '/token'. | |||
However, implementations are not required to use this name and can | However, implementations are not required to use this name and can | |||
define their own instead. | define their own instead. | |||
The figures of this section use CBOR diagnostic notation without the | The figures of this section use CBOR diagnostic notation without the | |||
integer abbreviations for the parameters or their values for | integer abbreviations for the parameters or their values for | |||
illustrative purposes. Note that implementations MUST use the | illustrative purposes. Note that implementations MUST use the | |||
integer abbreviations and the binary CBOR encoding, if the CBOR | integer abbreviations and the binary CBOR encoding if the CBOR | |||
encoding is used. | encoding is used. | |||
5.8.1. Client-to-AS Request | 5.8.1. Client-to-AS Request | |||
The client sends a POST request to the token endpoint at the AS. The | The client sends a POST request to the token endpoint at the AS. The | |||
profile MUST specify how the communication is protected. The content | profile MUST specify how the communication is protected. The content | |||
of the request consists of the parameters specified in the relevant | of the request consists of the parameters specified in the relevant | |||
subsection of section 4 of the OAuth 2.0 specification [RFC6749], | subsection of Section 4 of the OAuth 2.0 specification [RFC6749], | |||
depending on the grant type, with the following exceptions and | depending on the grant type, with the following exceptions and | |||
additions: | additions: | |||
* The parameter "grant_type" is OPTIONAL in the context of this | * The parameter "grant_type" is OPTIONAL in the context of this | |||
framework (as opposed to REQUIRED in RFC6749). If that parameter | framework (as opposed to REQUIRED in [RFC6749]). If that | |||
is missing, the default value "client_credentials" is implied. | parameter is missing, the default value "client_credentials" is | |||
implied. | ||||
* The "audience" parameter from [RFC8693] is OPTIONAL to request an | * The "audience" parameter from [RFC8693] is OPTIONAL to request an | |||
access token bound to a specific audience. | access token bound to a specific audience. | |||
* The "cnonce" parameter defined in Section 5.8.4.4 is REQUIRED if | * The "cnonce" parameter defined in Section 5.8.4.4 is REQUIRED if | |||
the RS provided a client-nonce in the "AS Request Creation Hints" | the RS provided a client-nonce in the "AS Request Creation Hints" | |||
message Section 5.3 | message (Section 5.3). | |||
* The "scope" parameter MAY be encoded as a byte string instead of | * The "scope" parameter MAY be encoded as a byte string instead of | |||
the string encoding specified in section 3.3 of [RFC6749], in | the string encoding specified in Section 3.3 of [RFC6749] or in | |||
order allow compact encoding of complex scopes. The syntax of | order to allow compact encoding of complex scopes. The syntax of | |||
such a binary encoding is explicitly not specified here and left | such a binary encoding is explicitly not specified here and left | |||
to profiles or applications. Note specifically that a binary | to profiles or applications. Note specifically that a binary | |||
encoded scope does not necessarily use the space character '0x20' | encoded scope does not necessarily use the space character '0x20' | |||
to delimit scope-tokens. | to delimit scope-tokens. | |||
* The client can send an empty (null value) "ace_profile" parameter | * The client can send an empty (null value) "ace_profile" parameter | |||
to indicate that it wants the AS to include the "ace_profile" | to indicate that it wants the AS to include the "ace_profile" | |||
parameter in the response. See Section 5.8.4.3. | parameter in the response. See Section 5.8.4.3. | |||
* A client MUST be able to use the parameters from | * A client MUST be able to use the parameters from [RFC9201] in an | |||
[I-D.ietf-ace-oauth-params] in an access token request to the | access token request to the token endpoint, and the AS MUST be | |||
token endpoint and the AS MUST be able to process these additional | able to process these additional parameters. | |||
parameters. | ||||
The default behavior, is that the AS generates a symmetric proof-of- | The default behavior is that the AS generates a symmetric proof-of- | |||
possession key for the client. In order to use an asymmetric key | possession key for the client. In order to use an asymmetric key | |||
pair or to re-use a key previously established with the RS, the | pair or to reuse a key previously established with the RS, the client | |||
client is supposed to use the "req_cnf" parameter from | is supposed to use the "req_cnf" parameter from [RFC9201]. | |||
[I-D.ietf-ace-oauth-params]. | ||||
If CoAP is used then these parameters MUST be provided in a CBOR map, | If CoAP is used, then these parameters MUST be provided in a CBOR map | |||
see Figure 12. | (see Table 5). | |||
When HTTP is used as a transport then the client makes a request to | When HTTP is used as a transport, then the client makes a request to | |||
the token endpoint, the parameters MUST be encoded as defined in | the token endpoint; the parameters MUST be encoded as defined in | |||
Appendix B of [RFC6749]. | Appendix B of [RFC6749]. | |||
The following examples illustrate different types of requests for | The following examples illustrate different types of requests for | |||
proof-of-possession tokens. | proof-of-possession tokens. | |||
Figure 5 shows a request for a token with a symmetric proof-of- | Figure 4 shows a request for a token with a symmetric proof-of- | |||
possession key. The content is displayed in CBOR diagnostic | possession key. The content is displayed in CBOR diagnostic | |||
notation, without abbreviations for better readability. | notation, without abbreviations for better readability. | |||
Header: POST (Code=0.02) | Header: POST (Code=0.02) | |||
Uri-Host: "as.example.com" | Uri-Host: "as.example.com" | |||
Uri-Path: "token" | Uri-Path: "token" | |||
Content-Format: "application/ace+cbor" | Content-Format: "application/ace+cbor" | |||
Payload: | Payload: | |||
{ | { | |||
"client_id" : "myclient", | "client_id" : "myclient", | |||
"audience" : "tempSensor4711" | "audience" : "tempSensor4711" | |||
} | } | |||
Figure 5: Example request for an access token bound to a | Figure 4: Example Request for an Access Token Bound to a | |||
symmetric key. | Symmetric Key | |||
Figure 6 shows a request for a token with an asymmetric proof-of- | Figure 5 shows a request for a token with an asymmetric proof-of- | |||
possession key. Note that in this example OSCORE [RFC8613] is used | possession key. Note that, in this example, OSCORE [RFC8613] is used | |||
to provide object-security, therefore the Content-Format is | to provide object-security; therefore, the Content-Format is | |||
"application/oscore" wrapping the "application/ace+cbor" type | "application/oscore" wrapping the "application/ace+cbor" type | |||
content. The OSCORE option has a decoded interpretation appended in | content. The OSCORE option has a decoded interpretation appended in | |||
parentheses for the reader's convenience. Also note that in this | parentheses for the reader's convenience. Also note that, in this | |||
example the audience is implicitly known by both client and AS. | example, the audience is implicitly known by both the client and AS. | |||
Furthermore note that this example uses the "req_cnf" parameter from | Furthermore, note that this example uses the "req_cnf" parameter from | |||
[I-D.ietf-ace-oauth-params]. | [RFC9201]. | |||
Header: POST (Code=0.02) | Header: POST (Code=0.02) | |||
Uri-Host: "as.example.com" | Uri-Host: "as.example.com" | |||
Uri-Path: "token" | Uri-Path: "token" | |||
OSCORE: 0x09, 0x05, 0x44, 0x6C | OSCORE: 0x09, 0x05, 0x44, 0x6C | |||
(h=0, k=1, n=001, partialIV= 0x05, kid=[0x44, 0x6C]) | (h=0, k=1, n=001, partialIV= 0x05, kid=[0x44, 0x6C]) | |||
Content-Format: "application/oscore" | Content-Format: "application/oscore" | |||
Payload: | Payload: | |||
0x44025d1 ... (full payload omitted for brevity) ... 68b3825e | 0x44025d1 ... (full payload omitted for brevity) ... 68b3825e | |||
skipping to change at page 24, line 28 ¶ | skipping to change at line 1106 ¶ | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kty" : "EC", | "kty" : "EC", | |||
"kid" : h'11', | "kid" : h'11', | |||
"crv" : "P-256", | "crv" : "P-256", | |||
"x" : b64'usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8', | "x" : b64'usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8', | |||
"y" : b64'IBOL+C3BttVivg+lSreASjpkttcsz+1rb7btKLv8EX4' | "y" : b64'IBOL+C3BttVivg+lSreASjpkttcsz+1rb7btKLv8EX4' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 6: Example token request bound to an asymmetric key. | Figure 5: Example Token Request Bound to an Asymmetric Key | |||
Figure 7 shows a request for a token where a previously communicated | Figure 6 shows a request for a token where a previously communicated | |||
proof-of-possession key is only referenced using the "req_cnf" | proof-of-possession key is only referenced using the "req_cnf" | |||
parameter from [I-D.ietf-ace-oauth-params]. | parameter from [RFC9201]. | |||
Header: POST (Code=0.02) | Header: POST (Code=0.02) | |||
Uri-Host: "as.example.com" | Uri-Host: "as.example.com" | |||
Uri-Path: "token" | Uri-Path: "token" | |||
Content-Format: "application/ace+cbor" | Content-Format: "application/ace+cbor" | |||
Payload: | Payload: | |||
{ | { | |||
"client_id" : "myclient", | "client_id" : "myclient", | |||
"audience" : "valve424", | "audience" : "valve424", | |||
"scope" : "read", | "scope" : "read", | |||
"req_cnf" : { | "req_cnf" : { | |||
"kid" : b64'6kg0dXJM13U' | "kid" : b64'6kg0dXJM13U' | |||
} | } | |||
} | } | |||
Figure 7: Example request for an access token bound to a key | Figure 6: Example Request for an Access Token Bound to a Key | |||
reference. | Reference | |||
Refresh tokens are typically not stored as securely as proof-of- | Refresh tokens are typically not stored as securely as proof-of- | |||
possession keys in requesting clients. Proof-of-possession based | possession keys in requesting clients. Proof-of-possession-based | |||
refresh token requests MUST NOT request different proof-of-possession | refresh token requests MUST NOT request different proof-of-possession | |||
keys or different audiences in token requests. Refresh token | keys or different audiences in token requests. Refresh token | |||
requests can only use to request access tokens bound to the same | requests can only be used to request access tokens bound to the same | |||
proof-of-possession key and the same audience as access tokens issued | proof-of-possession key and the same audience as access tokens issued | |||
in the initial token request. | in the initial token request. | |||
5.8.2. AS-to-Client Response | 5.8.2. AS-to-Client Response | |||
If the access token request has been successfully verified by the AS | If the access token request has been successfully verified by the AS | |||
and the client is authorized to obtain an access token corresponding | and the client is authorized to obtain an access token corresponding | |||
to its access token request, the AS sends a response with the | to its access token request, the AS sends a response with the | |||
response code equivalent to the CoAP response code 2.01 (Created). | response code equivalent to the CoAP response code 2.01 (Created). | |||
If client request was invalid, or not authorized, the AS returns an | If the client request was invalid, or not authorized, the AS returns | |||
error response as described in Section 5.8.3. | an error response, as described in Section 5.8.3. | |||
Note that the AS decides which token type and profile to use when | Note that the AS decides which token type and profile to use when | |||
issuing a successful response. It is assumed that the AS has prior | issuing a successful response. It is assumed that the AS has prior | |||
knowledge of the capabilities of the client and the RS (see | knowledge of the capabilities of the client and the RS (see | |||
Appendix D). This prior knowledge may, for example, be set by the | Appendix D). This prior knowledge may, for example, be set by the | |||
use of a dynamic client registration protocol exchange [RFC7591]. If | use of a dynamic client registration protocol exchange [RFC7591]. If | |||
the client has requested a specific proof-of-possession key using the | the client has requested a specific proof-of-possession key using the | |||
"req_cnf" parameter from [I-D.ietf-ace-oauth-params], this may also | "req_cnf" parameter from [RFC9201], this may also influence which | |||
influence which profile the AS selects, as it needs to support the | profile the AS selects, as it needs to support the use of the key | |||
use of the key type requested the client. | type requested by the client. | |||
The content of the successful reply is the Access Information. When | The content of the successful reply is the Access Information. When | |||
using CoAP, the payload MUST be encoded as a CBOR map, when using | using CoAP, the payload MUST be encoded as a CBOR map; when using | |||
HTTP the encoding is a JSON map as specified in section 5.1 of | HTTP, the encoding is a JSON map, as specified in Section 5.1 of | |||
[RFC6749]. In both cases the parameters specified in Section 5.1 of | [RFC6749]. In both cases, the parameters specified in Section 5.1 of | |||
[RFC6749] are used, with the following additions and changes: | [RFC6749] are used, with the following additions and changes: | |||
ace_profile: | ace_profile: | |||
OPTIONAL unless the request included an empty ace_profile | This parameter is OPTIONAL unless the request included an empty | |||
parameter in which case it is MANDATORY. This indicates the | ace_profile parameter, in which case it is MANDATORY. This | |||
profile that the client MUST use towards the RS. See | indicates the profile that the client MUST use towards the RS. | |||
Section 5.8.4.3 for the formatting of this parameter. If this | See Section 5.8.4.3 for the formatting of this parameter. If | |||
parameter is absent, the AS assumes that the client implicitly | this parameter is absent, the AS assumes that the client | |||
knows which profile to use towards the RS. | implicitly knows which profile to use towards the RS. | |||
token_type: | token_type: | |||
This parameter is OPTIONAL, as opposed to 'required' in [RFC6749]. | This parameter is OPTIONAL, as opposed to REQUIRED in | |||
By default implementations of this framework SHOULD assume that | [RFC6749]. By default, implementations of this framework | |||
the token_type is "PoP". If a specific use case requires another | SHOULD assume that the token_type is "PoP". If a specific use | |||
token_type (e.g., "Bearer") to be used then this parameter is | case requires another token_type (e.g., "Bearer") to be used, | |||
REQUIRED. | then this parameter is REQUIRED. | |||
Furthermore [I-D.ietf-ace-oauth-params] defines additional parameters | Furthermore, [RFC9201] defines additional parameters that the AS MUST | |||
that the AS MUST be able to use when responding to a request to the | be able to use when responding to a request to the token endpoint. | |||
token endpoint. | ||||
Figure 8 summarizes the parameters that can currently be part of the | Table 2 summarizes the parameters that can currently be part of the | |||
Access Information. Future extensions may define additional | Access Information. Future extensions may define additional | |||
parameters. | parameters. | |||
/-------------------+-------------------------------\ | +===================+==============+ | |||
| Parameter name | Specified in | | | Parameter name | Specified in | | |||
|-------------------+-------------------------------| | +===================+==============+ | |||
| access_token | RFC 6749 | | | access_token | [RFC6749] | | |||
| token_type | RFC 6749 | | +-------------------+--------------+ | |||
| expires_in | RFC 6749 | | | token_type | [RFC6749] | | |||
| refresh_token | RFC 6749 | | +-------------------+--------------+ | |||
| scope | RFC 6749 | | | expires_in | [RFC6749] | | |||
| state | RFC 6749 | | +-------------------+--------------+ | |||
| error | RFC 6749 | | | refresh_token | [RFC6749] | | |||
| error_description | RFC 6749 | | +-------------------+--------------+ | |||
| error_uri | RFC 6749 | | | scope | [RFC6749] | | |||
| ace_profile | [this document] | | +-------------------+--------------+ | |||
| cnf | [I-D.ietf-ace-oauth-params] | | | state | [RFC6749] | | |||
| rs_cnf | [I-D.ietf-ace-oauth-params] | | +-------------------+--------------+ | |||
\-------------------+-------------------------------/ | | error | [RFC6749] | | |||
+-------------------+--------------+ | ||||
| error_description | [RFC6749] | | ||||
+-------------------+--------------+ | ||||
| error_uri | [RFC6749] | | ||||
+-------------------+--------------+ | ||||
| ace_profile | RFC 9200 | | ||||
+-------------------+--------------+ | ||||
| cnf | [RFC9201] | | ||||
+-------------------+--------------+ | ||||
| rs_cnf | [RFC9201] | | ||||
+-------------------+--------------+ | ||||
Figure 8: Access Information parameters | Table 2: Access Information | |||
Parameters | ||||
Figure 9 shows a response containing a token and a "cnf" parameter | Figure 7 shows a response containing a token and a "cnf" parameter | |||
with a symmetric proof-of-possession key, which is defined in | with a symmetric proof-of-possession key, which is defined in | |||
[I-D.ietf-ace-oauth-params]. Note that the key identifier 'kid' is | [RFC9201]. Note that the key identifier 'kid' is only used to | |||
only used to simplify indexing and retrieving the key, and no | simplify indexing and retrieving the key, and no assumptions should | |||
assumptions should be made that it is unique in the domains of either | be made that it is unique in the domains of either the client or the | |||
the client or the RS. | RS. | |||
Header: Created (Code=2.01) | Header: Created (Code=2.01) | |||
Content-Format: "application/ace+cbor" | Content-Format: "application/ace+cbor" | |||
Payload: | Payload: | |||
{ | { | |||
"access_token" : b64'SlAV32hkKG ... | "access_token" : b64'SlAV32hkKG ... | |||
(remainder of CWT omitted for brevity; | (remainder of CWT omitted for brevity; | |||
CWT contains COSE_Key in the "cnf" claim)', | CWT contains COSE_Key in the "cnf" claim)', | |||
"ace_profile" : "coap_dtls", | "ace_profile" : "coap_dtls", | |||
"expires_in" : "3600", | "expires_in" : "3600", | |||
"cnf" : { | "cnf" : { | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kty" : "Symmetric", | "kty" : "Symmetric", | |||
"kid" : b64'39Gqlw', | "kid" : b64'39Gqlw', | |||
"k" : b64'hJtXhkV8FJG+Onbc6mxCcQh' | "k" : b64'hJtXhkV8FJG+Onbc6mxCcQh' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 9: Example AS response with an access token bound to a | Figure 7: Example AS Response with an Access Token Bound to a | |||
symmetric key. | Symmetric Key | |||
5.8.3. Error Response | 5.8.3. Error Response | |||
The error responses for interactions with the AS are generally | The error responses for interactions with the AS are generally | |||
equivalent to the ones defined in Section 5.2 of [RFC6749], with the | equivalent to the ones defined in Section 5.2 of [RFC6749], with the | |||
following exceptions: | following exceptions: | |||
* When using CoAP the payload MUST be encoded as a CBOR map, with | * When using CoAP, the payload MUST be encoded as a CBOR map, with | |||
the Content-Format "application/ace+cbor". When using HTTP the | the Content-Format "application/ace+cbor". When using HTTP, the | |||
payload is encoded in JSON as specified in section 5.2 of | payload is encoded in JSON, as specified in Section 5.2 of | |||
[RFC6749]. | [RFC6749]. | |||
* A response code equivalent to the CoAP code 4.00 (Bad Request) | * A response code equivalent to the CoAP code 4.00 (Bad Request) | |||
MUST be used for all error responses, except for invalid_client | MUST be used for all error responses, except for invalid_client, | |||
where a response code equivalent to the CoAP code 4.01 | where a response code equivalent to the CoAP code 4.01 | |||
(Unauthorized) MAY be used under the same conditions as specified | (Unauthorized) MAY be used under the same conditions as specified | |||
in Section 5.2 of [RFC6749]. | in Section 5.2 of [RFC6749]. | |||
* The parameters "error", "error_description" and "error_uri" MUST | * The parameters "error", "error_description", and "error_uri" MUST | |||
be abbreviated using the codes specified in Figure 12, when a CBOR | be abbreviated using the codes specified in Table 5, when a CBOR | |||
encoding is used. | encoding is used. | |||
* The error code (i.e., value of the "error" parameter) MUST be | * The error code (i.e., value of the "error" parameter) MUST be | |||
abbreviated as specified in Figure 10, when a CBOR encoding is | abbreviated, as specified in Table 3, when a CBOR encoding is | |||
used. | used. | |||
/---------------------------+--------+--------------------------\ | +===========================+=============+========================+ | |||
| | CBOR | Original | | | Name | CBOR Values | Original Specification | | |||
| Name | Values | Specification | | +===========================+=============+========================+ | |||
|---------------------------+--------+--------------------------| | | invalid_request | 1 | Section 5.2 of | | |||
| invalid_request | 1 | section 5.2 of [RFC6749] | | | | | [RFC6749] | | |||
| invalid_client | 2 | section 5.2 of [RFC6749] | | +---------------------------+-------------+------------------------+ | |||
| invalid_grant | 3 | section 5.2 of [RFC6749] | | | invalid_client | 2 | Section 5.2 of | | |||
| unauthorized_client | 4 | section 5.2 of [RFC6749] | | | | | [RFC6749] | | |||
| unsupported_grant_type | 5 | section 5.2 of [RFC6749] | | +---------------------------+-------------+------------------------+ | |||
| invalid_scope | 6 | section 5.2 of [RFC6749] | | | invalid_grant | 3 | Section 5.2 of | | |||
| unsupported_pop_key | 7 | [this document] | | | | | [RFC6749] | | |||
| incompatible_ace_profiles | 8 | [this document] | | +---------------------------+-------------+------------------------+ | |||
\---------------------------+--------+--------------------------/ | | unauthorized_client | 4 | Section 5.2 of | | |||
| | | [RFC6749] | | ||||
+---------------------------+-------------+------------------------+ | ||||
| unsupported_grant_type | 5 | Section 5.2 of | | ||||
| | | [RFC6749] | | ||||
+---------------------------+-------------+------------------------+ | ||||
| invalid_scope | 6 | Section 5.2 of | | ||||
| | | [RFC6749] | | ||||
+---------------------------+-------------+------------------------+ | ||||
| unsupported_pop_key | 7 | RFC 9200 | | ||||
+---------------------------+-------------+------------------------+ | ||||
| incompatible_ace_profiles | 8 | RFC 9200 | | ||||
+---------------------------+-------------+------------------------+ | ||||
Figure 10: CBOR abbreviations for common error codes | Table 3: CBOR Abbreviations for Common Error Codes | |||
In addition to the error responses defined in OAuth 2.0, the | In addition to the error responses defined in OAuth 2.0, the | |||
following behavior MUST be implemented by the AS: | following behavior MUST be implemented by the AS: | |||
* If the client submits an asymmetric key in the token request that | * If the client submits an asymmetric key in the token request that | |||
the RS cannot process, the AS MUST reject that request with a | the RS cannot process, the AS MUST reject that request with a | |||
response code equivalent to the CoAP code 4.00 (Bad Request) | response code equivalent to the CoAP code 4.00 (Bad Request), | |||
including the error code "unsupported_pop_key" specified in | including the error code "unsupported_pop_key" specified in | |||
Figure 10. | Table 3. | |||
* If the client and the RS it has requested an access token for do | * If the client and the RS it has requested an access token for do | |||
not share a common profile, the AS MUST reject that request with a | not share a common profile, the AS MUST reject that request with a | |||
response code equivalent to the CoAP code 4.00 (Bad Request) | response code equivalent to the CoAP code 4.00 (Bad Request), | |||
including the error code "incompatible_ace_profiles" specified in | including the error code "incompatible_ace_profiles" specified in | |||
Figure 10. | Table 3. | |||
5.8.4. Request and Response Parameters | 5.8.4. Request and Response Parameters | |||
This section provides more detail about the new parameters that can | This section provides more detail about the new parameters that can | |||
be used in access token requests and responses, as well as | be used in access token requests and responses, as well as | |||
abbreviations for more compact encoding of existing parameters and | abbreviations for more compact encoding of existing parameters and | |||
common parameter values. | common parameter values. | |||
5.8.4.1. Grant Type | 5.8.4.1. Grant Type | |||
The abbreviations specified in the registry defined in Section 8.5 | The abbreviations specified in the registry defined in Section 8.5 | |||
MUST be used in CBOR encodings instead of the string values defined | MUST be used in CBOR encodings instead of the string values defined | |||
in [RFC6749], if CBOR payloads are used. | in [RFC6749] if CBOR payloads are used. | |||
/--------------------+------------+------------------------\ | +====================+============+============================+ | |||
| Name | CBOR Value | Original Specification | | | Name | CBOR Value | Original Specification | | |||
|--------------------+------------+------------------------| | +====================+============+============================+ | |||
| password | 0 | s. 4.3.2 of [RFC6749] | | | password | 0 | Section 4.3.2 of [RFC6749] | | |||
| authorization_code | 1 | s. 4.1.3 of [RFC6749] | | +--------------------+------------+----------------------------+ | |||
| client_credentials | 2 | s. 4.4.2 of [RFC6749] | | | authorization_code | 1 | Section 4.1.3 of [RFC6749] | | |||
| refresh_token | 3 | s. 6 of [RFC6749] | | +--------------------+------------+----------------------------+ | |||
\--------------------+------------+------------------------/ | | client_credentials | 2 | Section 4.4.2 of [RFC6749] | | |||
+--------------------+------------+----------------------------+ | ||||
| refresh_token | 3 | Section 6 of [RFC6749] | | ||||
+--------------------+------------+----------------------------+ | ||||
Figure 11: CBOR abbreviations for common grant types | Table 4: CBOR Abbreviations for Common Grant Types | |||
5.8.4.2. Token Type | 5.8.4.2. Token Type | |||
The "token_type" parameter, defined in section 5.1 of [RFC6749], | The "token_type" parameter, defined in Section 5.1 of [RFC6749], | |||
allows the AS to indicate to the client which type of access token it | allows the AS to indicate to the client which type of access token it | |||
is receiving (e.g., a bearer token). | is receiving (e.g., a bearer token). | |||
This document registers the new value "PoP" for the OAuth Access | This document registers the new value "PoP" for the "OAuth Access | |||
Token Types registry, specifying a proof-of-possession token. How | Token Types" registry, specifying a proof-of-possession token. How | |||
the proof-of-possession by the client to the RS is performed MUST be | the proof of possession by the client to the RS is performed MUST be | |||
specified by the profiles. | specified by the profiles. | |||
The values in the "token_type" parameter MUST use the CBOR | The values in the "token_type" parameter MUST use the CBOR | |||
abbreviations defined in the registry specified by Section 8.7, if a | abbreviations defined in the registry specified by Section 8.7 if a | |||
CBOR encoding is used. | CBOR encoding is used. | |||
In this framework the "pop" value for the "token_type" parameter is | In this framework, the "pop" value for the "token_type" parameter is | |||
the default. The AS may, however, provide a different value from | the default. The AS may, however, provide a different value from | |||
those registered in [IANA.OAuthAccessTokenTypes]. | those registered in [IANA.OAuthAccessTokenTypes]. | |||
5.8.4.3. Profile | 5.8.4.3. Profile | |||
Profiles of this framework MUST define the communication protocol and | Profiles of this framework MUST define the communication protocol and | |||
the communication security protocol between the client and the RS. | the communication security protocol between the client and the RS. | |||
The security protocol MUST provide encryption, integrity and replay | The security protocol MUST provide encryption, integrity, and replay | |||
protection. It MUST also provide a binding between requests and | protection. It MUST also provide a binding between requests and | |||
responses. Furthermore profiles MUST define a list of allowed proof- | responses. Furthermore, profiles MUST define a list of allowed | |||
of-possession methods, if they support proof-of-possession tokens. | proof-of-possession methods if they support proof-of-possession | |||
tokens. | ||||
A profile MUST specify an identifier that MUST be used to uniquely | A profile MUST specify an identifier that MUST be used to uniquely | |||
identify itself in the "ace_profile" parameter. The textual | identify itself in the "ace_profile" parameter. The textual | |||
representation of the profile identifier is intended for human | representation of the profile identifier is intended for human | |||
readability and for JSON-based interactions, it MUST NOT be used for | readability and for JSON-based interactions; it MUST NOT be used for | |||
CBOR-based interactions. Profiles MUST register their identifier in | CBOR-based interactions. Profiles MUST register their identifier in | |||
the registry defined in Section 8.8. | the registry defined in Section 8.8. | |||
Profiles MAY define additional parameters for both the token request | Profiles MAY define additional parameters for both the token request | |||
and the Access Information in the access token response in order to | and the Access Information in the access token response in order to | |||
support negotiation or signaling of profile specific parameters. | support negotiation or signaling of profile-specific parameters. | |||
Clients that want the AS to provide them with the "ace_profile" | Clients that want the AS to provide them with the "ace_profile" | |||
parameter in the access token response can indicate that by sending a | parameter in the access token response can indicate that by sending a | |||
ace_profile parameter with a null value for CBOR-based interactions, | ace_profile parameter with a null value for CBOR-based interactions, | |||
or an empty string if CBOR is not used, in the access token request. | or an empty string if CBOR is not used, in the access token request. | |||
5.8.4.4. Client-Nonce | 5.8.4.4. Client-Nonce | |||
This parameter MUST be sent from the client to the AS, if it | This parameter MUST be sent from the client to the AS if it | |||
previously received a "cnonce" parameter in the "AS Request Creation | previously received a "cnonce" parameter in the "AS Request Creation | |||
Hints" Section 5.3. The parameter is encoded as a byte string for | Hints" (Section 5.3). The parameter is encoded as a byte string for | |||
CBOR-based interactions, and as a string (Base64 encoded binary) if | CBOR-based interactions and as a string (base64url without padding | |||
CBOR is not used. It MUST copy the value from the cnonce parameter | encoded binary [RFC4648]) if CBOR is not used. It MUST copy the | |||
in the "AS Request Creation Hints". | value from the cnonce parameter in the "AS Request Creation Hints". | |||
5.8.5. Mapping Parameters to CBOR | 5.8.5. Mapping Parameters to CBOR | |||
If CBOR encoding is used, all OAuth parameters in access token | If CBOR encoding is used, all OAuth parameters in access token | |||
requests and responses MUST be mapped to CBOR types as specified in | requests and responses MUST be mapped to CBOR types, as specified in | |||
the registry defined by Section 8.10, using the given integer | the registry defined by Section 8.10, using the given integer | |||
abbreviation for the map keys. | abbreviation for the map keys. | |||
Note that we have aligned the abbreviations corresponding to claims | Note that we have aligned the abbreviations corresponding to claims | |||
with the abbreviations defined in [RFC8392]. | with the abbreviations defined in [RFC8392]. | |||
Note also that abbreviations from -24 to 23 have a 1 byte encoding | Note also that abbreviations from -24 to 23 have a 1-byte encoding | |||
size in CBOR. We have thus chosen to assign abbreviations in that | size in CBOR. We have thus chosen to assign abbreviations in that | |||
range to parameters we expect to be used most frequently in | range to parameters we expect to be used most frequently in | |||
constrained scenarios. | constrained scenarios. | |||
/-------------------+----------+---------------------+---------------\ | +===================+==========+=============+===============+ | |||
| | | | Original | | | Name | CBOR Key | Value Type | Original | | |||
| Name | CBOR Key | Value Type | Specification | | | | | | Specification | | |||
|-------------------+----------+---------------------+---------------| | +===================+==========+=============+===============+ | |||
| access_token | 1 | byte string | [RFC6749] | | | access_token | 1 | byte string | [RFC6749] | | |||
| expires_in | 2 | unsigned integer | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| audience | 5 | text string | [RFC8693] | | | expires_in | 2 | unsigned | [RFC6749] | | |||
| scope | 9 | text or byte string | [RFC6749] | | | | | integer | | | |||
| client_id | 24 | text string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| client_secret | 25 | byte string | [RFC6749] | | | audience | 5 | text string | [RFC8693] | | |||
| response_type | 26 | text string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| redirect_uri | 27 | text string | [RFC6749] | | | scope | 9 | text or | [RFC6749] | | |||
| state | 28 | text string | [RFC6749] | | | | | byte string | | | |||
| code | 29 | byte string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| error | 30 | integer | [RFC6749] | | | client_id | 24 | text string | [RFC6749] | | |||
| error_description | 31 | text string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| error_uri | 32 | text string | [RFC6749] | | | client_secret | 25 | byte string | [RFC6749] | | |||
| grant_type | 33 | unsigned integer | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| token_type | 34 | integer | [RFC6749] | | | response_type | 26 | text string | [RFC6749] | | |||
| username | 35 | text string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| password | 36 | text string | [RFC6749] | | | redirect_uri | 27 | text string | [RFC6749] | | |||
| refresh_token | 37 | byte string | [RFC6749] | | +-------------------+----------+-------------+---------------+ | |||
| ace_profile | 38 | integer |[this document]| | | state | 28 | text string | [RFC6749] | | |||
| cnonce | 39 | byte string |[this document]| | +-------------------+----------+-------------+---------------+ | |||
\-------------------+----------+---------------------+---------------/ | | code | 29 | byte string | [RFC6749] | | |||
+-------------------+----------+-------------+---------------+ | ||||
| error | 30 | integer | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| error_description | 31 | text string | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| error_uri | 32 | text string | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| grant_type | 33 | unsigned | [RFC6749] | | ||||
| | | integer | | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| token_type | 34 | integer | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| username | 35 | text string | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| password | 36 | text string | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| refresh_token | 37 | byte string | [RFC6749] | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| ace_profile | 38 | integer | RFC 9200 | | ||||
+-------------------+----------+-------------+---------------+ | ||||
| cnonce | 39 | byte string | RFC 9200 | | ||||
+-------------------+----------+-------------+---------------+ | ||||
Figure 12: CBOR mappings used in token requests and responses | Table 5: CBOR Mappings Used in Token Requests and Responses | |||
5.9. The Introspection Endpoint | 5.9. The Introspection Endpoint | |||
Token introspection [RFC7662] MAY be implemented by the AS, and the | Token introspection [RFC7662] MAY be implemented by the AS and the | |||
RS. When implemented, it MAY be used by the RS and to query the AS | RS. When implemented, it MAY be used by the RS and to query the AS | |||
for metadata about a given token, e.g., validity or scope. Analogous | for metadata about a given token, e.g., validity or scope. Analogous | |||
to the protocol defined in [RFC7662] for HTTP and JSON, this section | to the protocol defined in [RFC7662] for HTTP and JSON, this section | |||
defines adaptations to more constrained environments using CBOR and | defines adaptations to more constrained environments using CBOR and | |||
leaving the choice of the application protocol to the profile. | leaving the choice of the application protocol to the profile. | |||
Communication between the requesting entity and the introspection | Communication between the requesting entity and the introspection | |||
endpoint at the AS MUST be integrity protected and encrypted. The | endpoint at the AS MUST be integrity protected and encrypted. The | |||
communication security protocol MUST also provide a binding between | communication security protocol MUST also provide a binding between | |||
requests and responses. Furthermore, the two interacting parties | requests and responses. Furthermore, the two interacting parties | |||
MUST perform mutual authentication. Finally, the AS SHOULD verify | MUST perform mutual authentication. Finally, the AS SHOULD verify | |||
that the requesting entity has the right to access introspection | that the requesting entity has the right to access introspection | |||
information about the provided token. Profiles of this framework | information about the provided token. Profiles of this framework | |||
that support introspection MUST specify how authentication and | that support introspection MUST specify how authentication and | |||
communication security between the requesting entity and the AS is | communication security between the requesting entity and the AS is | |||
implemented. | implemented. | |||
The default name of this endpoint in an url-path SHOULD be | The default name of this endpoint in a url-path SHOULD be | |||
'/introspect'. However, implementations are not required to use this | '/introspect'. However, implementations are not required to use this | |||
name and can define their own instead. | name and can define their own instead. | |||
The figures of this section use the CBOR diagnostic notation without | The figures of this section use the CBOR diagnostic notation without | |||
the integer abbreviations for the parameters and their values for | the integer abbreviations for the parameters and their values for | |||
better readability. | better readability. | |||
5.9.1. Introspection Request | 5.9.1. Introspection Request | |||
The requesting entity sends a POST request to the introspection | The requesting entity sends a POST request to the introspection | |||
endpoint at the AS. The profile MUST specify how the communication | endpoint at the AS. The profile MUST specify how the communication | |||
is protected. If CoAP is used, the payload MUST be encoded as a CBOR | is protected. If CoAP is used, the payload MUST be encoded as a CBOR | |||
map with a "token" entry containing the access token. Further | map with a "token" entry containing the access token. Further | |||
optional parameters representing additional context that is known by | optional parameters representing additional context that is known by | |||
the requesting entity to aid the AS in its response MAY be included. | the requesting entity to aid the AS in its response MAY be included. | |||
For CoAP-based interaction, all messages MUST use the content type | For CoAP-based interaction, all messages MUST use the content type | |||
"application/ace+cbor". For HTTP the encoding defined in section 2.1 | "application/ace+cbor". For HTTP, the encoding defined in | |||
of [RFC7662] is used. | Section 2.1 of [RFC7662] is used. | |||
The same parameters are required and optional as in Section 2.1 of | The same parameters are required and optional as in Section 2.1 of | |||
[RFC7662]. | [RFC7662]. | |||
For example, Figure 13 shows an RS calling the token introspection | For example, Figure 8 shows an RS calling the token introspection | |||
endpoint at the AS to query about an OAuth 2.0 proof-of-possession | endpoint at the AS to query about an OAuth 2.0 proof-of-possession | |||
token. Note that object security based on OSCORE [RFC8613] is | token. Note that object security based on OSCORE [RFC8613] is | |||
assumed in this example, therefore the Content-Format is | assumed in this example; therefore, the Content-Format is | |||
"application/oscore". Figure 14 shows the decoded payload. | "application/oscore". Figure 9 shows the decoded payload. | |||
Header: POST (Code=0.02) | Header: POST (Code=0.02) | |||
Uri-Host: "as.example.com" | Uri-Host: "as.example.com" | |||
Uri-Path: "introspect" | Uri-Path: "introspect" | |||
OSCORE: 0x09, 0x05, 0x25 | OSCORE: 0x09, 0x05, 0x25 | |||
Content-Format: "application/oscore" | Content-Format: "application/oscore" | |||
Payload: | Payload: | |||
... COSE content ... | ... COSE content ... | |||
Figure 13: Example introspection request. | Figure 8: Example Introspection Request | |||
{ | { | |||
"token" : b64'7gj0dXJQ43U', | "token" : b64'7gj0dXJQ43U', | |||
"token_type_hint" : "PoP" | "token_type_hint" : "PoP" | |||
} | } | |||
Figure 14: Decoded payload. | Figure 9: Decoded Payload | |||
5.9.2. Introspection Response | 5.9.2. Introspection Response | |||
If the introspection request is authorized and successfully | If the introspection request is authorized and successfully | |||
processed, the AS sends a response with the response code equivalent | processed, the AS sends a response with the response code equivalent | |||
to the CoAP code 2.01 (Created). If the introspection request was | to the CoAP code 2.01 (Created). If the introspection request was | |||
invalid, not authorized or couldn't be processed the AS returns an | invalid, not authorized, or couldn't be processed, the AS returns an | |||
error response as described in Section 5.9.3. | error response, as described in Section 5.9.3. | |||
In a successful response, the AS encodes the response parameters in a | In a successful response, the AS encodes the response parameters in a | |||
map. If CoAP is used, this MUST be encoded as a CBOR map, if HTTP is | map. If CoAP is used, this MUST be encoded as a CBOR map; if HTTP is | |||
used the JSON encoding specified in section 2.2 of [RFC7662] is used. | used, the JSON encoding specified in Section 2.2 of [RFC7662] is | |||
The map containing the response payload includes the same required | used. The map containing the response payload includes the same | |||
and optional parameters as in Section 2.2 of [RFC7662] with the | required and optional parameters as in Section 2.2 of [RFC7662], with | |||
following additions: | the following additions: | |||
ace_profile OPTIONAL. This indicates the profile that the RS MUST | ace_profile: | |||
use with the client. See Section 5.8.4.3 for more details on the | This parameter is OPTIONAL. This indicates the profile that the | |||
formatting of this parameter. If this parameter is absent, the AS | RS MUST use with the client. See Section 5.8.4.3 for more details | |||
assumes that the RS implicitly knows which profile to use towards | on the formatting of this parameter. If this parameter is absent, | |||
the client. | the AS assumes that the RS implicitly knows which profile to use | |||
towards the client. | ||||
cnonce OPTIONAL. A client-nonce provided to the AS by the client. | cnonce: | |||
The RS MUST verify that this corresponds to the client-nonce | This parameter is OPTIONAL. This is a client-nonce provided to | |||
previously provided to the client in the "AS Request Creation | the AS by the client. The RS MUST verify that this corresponds to | |||
Hints". See Section 5.3 and Section 5.8.4.4. | the client-nonce previously provided to the client in the "AS | |||
Request Creation Hints". See Sections 5.3 and 5.8.4.4. Its value | ||||
is a byte string when encoded in CBOR and is the base64url | ||||
encoding of this byte string without padding when encoded in JSON | ||||
[RFC4648]. | ||||
cti OPTIONAL. The "cti" claim associated to this access token. | cti: | |||
This parameter has the same meaning and processing rules as the | This parameter is OPTIONAL. This is the "cti" claim associated to | |||
"jti" parameter defined in section 3.1.2 of [RFC7662] except that | this access token. This parameter has the same meaning and | |||
the value is a byte string. | processing rules as the "jti" parameter defined in Section 3.1.2 | |||
of [RFC7662] except that its value is a byte string when encoded | ||||
in CBOR and is the base64url encoding of this byte string without | ||||
padding when encoded in JSON [RFC4648]. | ||||
exi OPTIONAL. The "expires-in" claim associated to this access | exi: | |||
token. See Section 5.10.3. | This parameter is OPTIONAL. This is the "expires-in" claim | |||
associated to this access token. See Section 5.10.3. | ||||
Furthermore [I-D.ietf-ace-oauth-params] defines more parameters that | Furthermore, [RFC9201] defines more parameters that the AS MUST be | |||
the AS MUST be able to use when responding to a request to the | able to use when responding to a request to the introspection | |||
introspection endpoint. | endpoint. | |||
For example, Figure 15 shows an AS response to the introspection | For example, Figure 10 shows an AS response to the introspection | |||
request in Figure 13. Note that this example contains the "cnf" | request in Figure 8. Note that this example contains the "cnf" | |||
parameter defined in [I-D.ietf-ace-oauth-params]. | parameter defined in [RFC9201]. | |||
Header: Created (Code=2.01) | Header: Created (Code=2.01) | |||
Content-Format: "application/ace+cbor" | Content-Format: "application/ace+cbor" | |||
Payload: | Payload: | |||
{ | { | |||
"active" : true, | "active" : true, | |||
"scope" : "read", | "scope" : "read", | |||
"ace_profile" : "coap_dtls", | "ace_profile" : "coap_dtls", | |||
"cnf" : { | "cnf" : { | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kty" : "Symmetric", | "kty" : "Symmetric", | |||
"kid" : b64'39Gqlw', | "kid" : b64'39Gqlw', | |||
"k" : b64'hJtXhkV8FJG+Onbc6mxCcQh' | "k" : b64'hJtXhkV8FJG+Onbc6mxCcQh' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 15: Example introspection response. | Figure 10: Example Introspection Response | |||
5.9.3. Error Response | 5.9.3. Error Response | |||
The error responses for CoAP-based interactions with the AS are | The error responses for CoAP-based interactions with the AS are | |||
equivalent to the ones for HTTP-based interactions as defined in | equivalent to the ones for HTTP-based interactions, as defined in | |||
Section 2.3 of [RFC7662], with the following differences: | Section 2.3 of [RFC7662], with the following differences: | |||
* If content is sent and CoAP is used the payload MUST be encoded as | * If content is sent and CoAP is used, the payload MUST be encoded | |||
a CBOR map and the Content-Format "application/ace+cbor" MUST be | as a CBOR map and the Content-Format "application/ace+cbor" MUST | |||
used. For HTTP the encoding defined in section 2.3 of [RFC6749] | be used. For HTTP, the encoding defined in Section 2.3 of | |||
is used. | [RFC6749] is used. | |||
* If the credentials used by the requesting entity (usually the RS) | * If the credentials used by the requesting entity (usually the RS) | |||
are invalid the AS MUST respond with the response code equivalent | are invalid, the AS MUST respond with the response code equivalent | |||
to the CoAP code 4.01 (Unauthorized) and use the required and | to the CoAP code 4.01 (Unauthorized) and use the required and | |||
optional parameters from Section 2.3 in [RFC7662]. | optional parameters from Section 2.3 of [RFC7662]. | |||
* If the requesting entity does not have the right to perform this | * If the requesting entity does not have the right to perform this | |||
introspection request, the AS MUST respond with a response code | introspection request, the AS MUST respond with a response code | |||
equivalent to the CoAP code 4.03 (Forbidden). In this case no | equivalent to the CoAP code 4.03 (Forbidden). In this case, no | |||
payload is returned. | payload is returned. | |||
* The parameters "error", "error_description" and "error_uri" MUST | * The parameters "error", "error_description", and "error_uri" MUST | |||
be abbreviated using the codes specified in Figure 12. | be abbreviated using the codes specified in Table 5. | |||
* The error codes MUST be abbreviated using the codes specified in | * The error codes MUST be abbreviated using the codes specified in | |||
the registry defined by Section 8.4. | the registry defined by Section 8.4. | |||
Note that a properly formed and authorized query for an inactive or | Note that a properly formed and authorized query for an inactive or | |||
otherwise invalid token does not warrant an error response by this | otherwise invalid token does not warrant an error response by this | |||
specification. In these cases, the authorization server MUST instead | specification. In these cases, the authorization server MUST instead | |||
respond with an introspection response with the "active" field set to | respond with an introspection response with the "active" field set to | |||
"false". | "false". | |||
5.9.4. Mapping Introspection Parameters to CBOR | 5.9.4. Mapping Introspection Parameters to CBOR | |||
If CBOR is used, the introspection request and response parameters | If CBOR is used, the introspection request and response parameters | |||
MUST be mapped to CBOR types as specified in the registry defined by | MUST be mapped to CBOR types, as specified in the registry defined by | |||
Section 8.12, using the given integer abbreviation for the map key. | Section 8.12, using the given integer abbreviation for the map key. | |||
Note that we have aligned abbreviations that correspond to a claim | Note that we have aligned abbreviations that correspond to a claim | |||
with the abbreviations defined in [RFC8392] and the abbreviations of | with the abbreviations defined in [RFC8392] and the abbreviations of | |||
parameters with the same name from Section 5.8.5. | parameters with the same name from Section 5.8.5. | |||
/-------------------+----------+-------------------+---------------\ | +===================+======+======================+===============+ | |||
| | | | Original | | | Parameter name | CBOR | Value Type | Original | | |||
| Parameter name | CBOR Key | Value Type | Specification | | | | Key | | Specification | | |||
|-------------------+----------+-------------------+---------------| | +===================+======+======================+===============+ | |||
| iss | 1 | text string | [RFC7662] | | | iss | 1 | text string | [RFC7662] | | |||
| sub | 2 | text string | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| aud | 3 | text string | [RFC7662] | | | sub | 2 | text string | [RFC7662] | | |||
| exp | 4 | integer or | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| | | floating-point | | | | aud | 3 | text string | [RFC7662] | | |||
| | | number | | | +-------------------+------+----------------------+---------------+ | |||
| nbf | 5 | integer or | [RFC7662] | | | exp | 4 | integer or floating- | [RFC7662] | | |||
| | | floating-point | | | | | | point number | | | |||
| | | number | | | +-------------------+------+----------------------+---------------+ | |||
| iat | 6 | integer or | [RFC7662] | | | nbf | 5 | integer or floating- | [RFC7662] | | |||
| | | floating-point | | | | | | point number | | | |||
| | | number | | | +-------------------+------+----------------------+---------------+ | |||
| cti | 7 | byte string |[this document]| | | iat | 6 | integer or floating- | [RFC7662] | | |||
| scope | 9 | text or | [RFC7662] | | | | | point number | | | |||
| | | byte string | | | +-------------------+------+----------------------+---------------+ | |||
| active | 10 | True or False | [RFC7662] | | | cti | 7 | byte string | RFC 9200 | | |||
| token | 11 | byte string | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| client_id | 24 | text string | [RFC7662] | | | scope | 9 | text or byte string | [RFC7662] | | |||
| error | 30 | integer | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| error_description | 31 | text string | [RFC7662] | | | active | 10 | True or False | [RFC7662] | | |||
| error_uri | 32 | text string | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| token_type_hint | 33 | text string | [RFC7662] | | | token | 11 | byte string | [RFC7662] | | |||
| token_type | 34 | integer | [RFC7662] | | +-------------------+------+----------------------+---------------+ | |||
| username | 35 | text string | [RFC7662] | | | client_id | 24 | text string | [RFC7662] | | |||
| ace_profile | 38 | integer |[this document]| | +-------------------+------+----------------------+---------------+ | |||
| cnonce | 39 | byte string |[this document]| | | error | 30 | integer | [RFC7662] | | |||
| exi | 40 | unsigned integer |[this document]| | +-------------------+------+----------------------+---------------+ | |||
\-------------------+----------+-------------------+---------------/ | | error_description | 31 | text string | [RFC7662] | | |||
Figure 16: CBOR mappings for Token Introspection Parameters. | +-------------------+------+----------------------+---------------+ | |||
| error_uri | 32 | text string | [RFC7662] | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| token_type_hint | 33 | text string | [RFC7662] | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| token_type | 34 | integer | [RFC7662] | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| username | 35 | text string | [RFC7662] | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| ace_profile | 38 | integer | RFC 9200 | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| cnonce | 39 | byte string | RFC 9200 | | ||||
+-------------------+------+----------------------+---------------+ | ||||
| exi | 40 | integer | RFC 9200 | | ||||
+-------------------+------+----------------------+---------------+ | ||||
Table 6: CBOR Mappings for Token Introspection Parameters | ||||
5.10. The Access Token | 5.10. The Access Token | |||
In this framework the use of CBOR Web Token (CWT) as specified in | In this framework, the use of CBOR Web Token (CWT) as specified in | |||
[RFC8392] is RECOMMENDED. | [RFC8392] is RECOMMENDED. | |||
In order to facilitate offline processing of access tokens, this | In order to facilitate offline processing of access tokens, this | |||
document uses the "cnf" claim from [RFC8747] and the "scope" claim | document uses the "cnf" claim from [RFC8747] and the "scope" claim | |||
from [RFC8693] for JWT- and CWT-encoded tokens. In addition to | from [RFC8693] for JWT- and CWT-encoded tokens. In addition to | |||
string encoding specified for the "scope" claim, a binary encoding | string encoding specified for the "scope" claim, a binary encoding | |||
MAY be used. The syntax of such an encoding is explicitly not | MAY be used. The syntax of such an encoding is explicitly not | |||
specified here and left to profiles or applications, specifically | specified here and left to profiles or applications, specifically | |||
note that a binary encoded scope does not necessarily use the space | note that a binary encoded scope does not necessarily use the space | |||
character '0x20' to delimit scope-tokens. | character '0x20' to delimit scope-tokens. | |||
If the AS needs to convey a hint to the RS about which profile it | If the AS needs to convey a hint to the RS about which profile it | |||
should use to communicate with the client, the AS MAY include an | should use to communicate with the client, the AS MAY include an | |||
"ace_profile" claim in the access token, with the same syntax and | "ace_profile" claim in the access token, with the same syntax and | |||
semantics as defined in Section 5.8.4.3. | semantics as defined in Section 5.8.4.3. | |||
If the client submitted a client-nonce parameter in the access token | If the client submitted a client-nonce parameter in the access token | |||
request Section 5.8.4.4, the AS MUST include the value of this | request (Section 5.8.4.4), the AS MUST include the value of this | |||
parameter in the "cnonce" claim specified here. The "cnonce" claim | parameter in the "cnonce" claim specified here. The "cnonce" claim | |||
uses binary encoding. | uses binary encoding. | |||
5.10.1. The Authorization Information Endpoint | 5.10.1. The Authorization Information Endpoint | |||
The access token, containing authorization information and | The access token, containing authorization information and | |||
information about the proof-of-possession method used by the client, | information about the proof-of-possession method used by the client, | |||
needs to be transported to the RS so that the RS can authenticate and | needs to be transported to the RS so that the RS can authenticate and | |||
authorize the client request. | authorize the client request. | |||
This section defines a method for transporting the access token to | This section defines a method for transporting the access token to | |||
the RS using a RESTful protocol such as CoAP. Profiles of this | the RS using a RESTful protocol, such as CoAP. Profiles of this | |||
framework MAY define other methods for token transport. | framework MAY define other methods for token transport. | |||
The method consists of an authz-info endpoint, implemented by the RS. | The method consists of an authz-info endpoint, implemented by the RS. | |||
A client using this method MUST make a POST request to the authz-info | A client using this method MUST make a POST request to the authz-info | |||
endpoint at the RS with the access token in the payload. The CoAP | endpoint at the RS with the access token in the payload. The CoAP | |||
Content-Format or HTTP Media Type MUST reflect the format of the | Content-Format or HTTP media type MUST reflect the format of the | |||
token, e.g. application/cwt for CBOR Web Tokens, if no Content-Format | token, e.g., "application/cwt", for CBOR Web Tokens; if no Content- | |||
or Media Type is defined for the token format, application/octet- | Format or media type is defined for the token format, "application/ | |||
stream MUST be used. | octet-stream" MUST be used. | |||
The RS receiving the token MUST verify the validity of the token. If | The RS receiving the token MUST verify the validity of the token. If | |||
the token is valid, the RS MUST respond to the POST request with a | the token is valid, the RS MUST respond to the POST request with a | |||
response code equivalent to CoAP's 2.01 (Created). Section 5.10.1.1 | response code equivalent to CoAP code 2.01 (Created). | |||
outlines how an RS MUST proceed to verify the validity of an access | Section 5.10.1.1 outlines how an RS MUST proceed to verify the | |||
token. | validity of an access token. | |||
The RS MUST be prepared to store at least one access token for future | The RS MUST be prepared to store at least one access token for future | |||
use. This is a difference to how access tokens are handled in OAuth | use. This is a difference as to how access tokens are handled in | |||
2.0, where the access token is typically sent along with each | OAuth 2.0, where the access token is typically sent along with each | |||
request, and therefore not stored at the RS. | request and therefore not stored at the RS. | |||
When using this framework it is RECOMMENDED that an RS stores only | When using this framework, it is RECOMMENDED that an RS stores only | |||
one token per proof-of-possession key. This means that an additional | one token per proof-of-possession key. This means that an additional | |||
token linked to the same key will supersede any existing token at the | token linked to the same key will supersede any existing token at the | |||
RS, by replacing the corresponding authorization information. The | RS by replacing the corresponding authorization information. The | |||
reason is that this greatly simplifies (constrained) implementations, | reason is that this greatly simplifies (constrained) implementations, | |||
with respect to required storage and resolving a request to the | with respect to required storage and resolving a request to the | |||
applicable token. The use of multiple access tokens for a single | applicable token. The use of multiple access tokens for a single | |||
client increases the strain on the resource server as it must | client increases the strain on the resource server, as it must | |||
consider every access token and calculate the actual permissions of | consider every access token and calculate the actual permissions of | |||
the client. Also, tokens may contradict each other which may lead | the client. Also, tokens may contradict each other, which may lead | |||
the server to enforce wrong permissions. If one of the access tokens | the server to enforce wrong permissions. If one of the access tokens | |||
expires earlier than others, the resulting permissions may offer | expires earlier than others, the resulting permissions may offer | |||
insufficient protection. | insufficient protection. | |||
If the payload sent to the authz-info endpoint does not parse to a | If the payload sent to the authz-info endpoint does not parse to a | |||
token, the RS MUST respond with a response code equivalent to the | token, the RS MUST respond with a response code equivalent to the | |||
CoAP code 4.00 (Bad Request). | CoAP code 4.00 (Bad Request). | |||
The RS MAY make an introspection request to validate the token before | The RS MAY make an introspection request to validate the token before | |||
responding to the POST request to the authz-info endpoint, e.g. if | responding to the POST request to the authz-info endpoint, e.g., if | |||
the token is an opaque reference. Some transport protocols may | the token is an opaque reference. Some transport protocols may | |||
provide a way to indicate that the RS is busy and the client should | provide a way to indicate that the RS is busy and the client should | |||
retry after an interval; this type of status update would be | retry after an interval; this type of status update would be | |||
appropriate while the RS is waiting for an introspection response. | appropriate while the RS is waiting for an introspection response. | |||
Profiles MUST specify whether the authz-info endpoint is protected, | Profiles MUST specify whether the authz-info endpoint is protected, | |||
including whether error responses from this endpoint are protected. | including whether error responses from this endpoint are protected. | |||
Note that since the token contains information that allow the client | Note that since the token contains information that allows the client | |||
and the RS to establish a security context in the first place, mutual | and the RS to establish a security context in the first place, mutual | |||
authentication may not be possible at this point. | authentication may not be possible at this point. | |||
The default name of this endpoint in an url-path is '/authz-info', | The default name of this endpoint in a url-path is '/authz-info'; | |||
however implementations are not required to use this name and can | however, implementations are not required to use this name and can | |||
define their own instead. | define their own instead. | |||
5.10.1.1. Verifying an Access Token | 5.10.1.1. Verifying an Access Token | |||
When an RS receives an access token, it MUST verify it before storing | When an RS receives an access token, it MUST verify it before storing | |||
it. The details of token verification depends on various aspects, | it. The details of token verification depends on various aspects, | |||
including the token encoding, the type of token, the security | including the token encoding, the type of token, the security | |||
protection applied to the token, and the claims. The token encoding | protection applied to the token, and the claims. The token encoding | |||
matters since the security protection differs between the token | matters since the security protection differs between the token | |||
encodings. For example, a CWT token uses COSE while a JWT token uses | encodings. For example, a CWT token uses COSE, while a JWT token | |||
JOSE. The type of token also has an influence on the verification | uses JSON Object Signing and Encryption (JOSE). The type of token | |||
procedure since tokens may be self-contained whereby token | also has an influence on the verification procedure since tokens may | |||
verification may happen locally at the RS while a token-by-reference | be self-contained, whereby token verification may happen locally at | |||
requires further interaction with the authorization server, for | the RS, while a token-by-reference requires further interaction with | |||
example using token introspection, to obtain the claims associated | the authorization server, for example, using token introspection, to | |||
with the token reference. Self-contained tokens MUST, at least be | obtain the claims associated with the token reference. Self- | |||
integrity protected but they MAY also be encrypted. | contained tokens MUST at least be integrity protected, but they MAY | |||
also be encrypted. | ||||
For self-contained tokens the RS MUST process the security protection | For self-contained tokens, the RS MUST process the security | |||
of the token first, as specified by the respective token format. For | protection of the token first, as specified by the respective token | |||
CWT the description can be found in [RFC8392] and for JWT the | format. For CWT, the description can be found in [RFC8392]; for JWT, | |||
relevant specification is [RFC7519]. This MUST include a | the relevant specification is [RFC7519]. This MUST include a | |||
verification that security protection (and thus the token) was | verification that security protection (and thus the token) was | |||
generated by an AS that has the right to issue access tokens for this | generated by an AS that has the right to issue access tokens for this | |||
RS. | RS. | |||
In case the token is communicated by reference the RS needs to obtain | In case the token is communicated by reference, the RS needs to | |||
the claims first. When the RS uses token introspection the relevant | obtain the claims first. When the RS uses token introspection, the | |||
specification is [RFC7662] with CoAP transport specified in | relevant specification is [RFC7662] with CoAP transport specified in | |||
Section 5.9. | Section 5.9. | |||
Errors may happen during this initial processing stage: | Errors may happen during this initial processing stage: | |||
* If the verification of the security wrapper fails, or the token | * If the verification of the security wrapper fails, or the token | |||
was issued by an AS that does not have the right to issue tokens | was issued by an AS that does not have the right to issue tokens | |||
for the receiving RS, the RS MUST discard the token and, if this | for the receiving RS, the RS MUST discard the token and, if this | |||
was an interaction with authz-info, return an error message with a | was an interaction with authz-info, return an error message with a | |||
response code equivalent to the CoAP code 4.01 (Unauthorized). | response code equivalent to the CoAP code 4.01 (Unauthorized). | |||
* If the claims cannot be obtained the RS MUST discard the token | * If the claims cannot be obtained, the RS MUST discard the token | |||
and, in case of an interaction via the authz-info endpoint, return | and, in case of an interaction via the authz-info endpoint, return | |||
an error message with a response code equivalent to the CoAP code | an error message with a response code equivalent to the CoAP code | |||
4.00 (Bad Request). | 4.00 (Bad Request). | |||
Next, the RS MUST verify claims, if present, contained in the access | Next, the RS MUST verify claims, if present, contained in the access | |||
token. Errors are returned when claim checks fail, in the order of | token. Errors are returned when claim checks fail, in the order of | |||
priority of this list: | priority of this list: | |||
iss The issuer claim (if present) must identify the AS that has | iss | |||
The issuer claim (if present) must identify the AS that has | ||||
produced the security protection for the access token. If that is | produced the security protection for the access token. If that is | |||
not the case the RS MUST discard the token. If this was an | not the case, the RS MUST discard the token. If this was an | |||
interaction with authz-info, the RS MUST also respond with a | interaction with authz-info, the RS MUST also respond with a | |||
response code equivalent to the CoAP code 4.01 (Unauthorized). | response code equivalent to the CoAP code 4.01 (Unauthorized). | |||
exp The expiration date must be in the future. If that is not the | exp | |||
case the RS MUST discard the token. If this was an interaction | The expiration date must be in the future. If that is not the | |||
with authz-info the RS MUST also respond with a response code | case, the RS MUST discard the token. If this was an interaction | |||
with authz-info, the RS MUST also respond with a response code | ||||
equivalent to the CoAP code 4.01 (Unauthorized). Note that the RS | equivalent to the CoAP code 4.01 (Unauthorized). Note that the RS | |||
has to terminate access rights to the protected resources at the | has to terminate access rights to the protected resources at the | |||
time when the tokens expire. | time when the tokens expire. | |||
aud The audience claim must refer to an audience that the RS | aud | |||
identifies with. If that is not the case the RS MUST discard the | The audience claim must refer to an audience that the RS | |||
identifies with. If that is not the case, the RS MUST discard the | ||||
token. If this was an interaction with authz-info, the RS MUST | token. If this was an interaction with authz-info, the RS MUST | |||
also respond with a response code equivalent to the CoAP code 4.03 | also respond with a response code equivalent to the CoAP code 4.03 | |||
(Forbidden). | (Forbidden). | |||
scope The RS must recognize value of the scope claim. If that is | scope | |||
not the case the RS MUST discard the token. If this was an | The RS must recognize value of the scope claim. If that is not | |||
the case, the RS MUST discard the token. If this was an | ||||
interaction with authz-info, the RS MUST also respond with a | interaction with authz-info, the RS MUST also respond with a | |||
response code equivalent to the CoAP code 4.00 (Bad Request). The | response code equivalent to the CoAP code 4.00 (Bad Request). The | |||
RS MAY provide additional information in the error response, to | RS MAY provide additional information in the error response to | |||
clarify what went wrong. | clarify what went wrong. | |||
Additional processing may be needed for other claims in a way | Additional processing may be needed for other claims in a way | |||
specific to a profile or the underlying application. | specific to a profile or the underlying application. | |||
Note that the Subject (sub) claim cannot always be verified when the | Note that the Subject (sub) claim cannot always be verified when the | |||
token is submitted to the RS since the client may not have | token is submitted to the RS since the client may not have | |||
authenticated yet. Also note that a counter for the expires_in (exi) | authenticated yet. Also note that a counter for the expires_in (exi) | |||
claim MUST be initialized when the RS first verifies this token. | claim MUST be initialized when the RS first verifies this token. | |||
Also note that profiles of this framework may define access token | Also note that profiles of this framework may define access token | |||
transport mechanisms that do not allow for error responses. | transport mechanisms that do not allow for error responses. | |||
Therefore the error messages specified here only apply if the token | Therefore, the error messages specified here only apply if the token | |||
was sent to the authz-info endpoint. | was sent to the authz-info endpoint. | |||
When sending error responses, the RS MAY use the error codes from | When sending error responses, the RS MAY use the error codes from | |||
Section 3.1 of [RFC6750], to provide additional details to the | Section 3.1 of [RFC6750] to provide additional details to the client. | |||
client. | ||||
5.10.1.2. Protecting the Authorization Information Endpoint | 5.10.1.2. Protecting the Authorization Information Endpoint | |||
As this framework can be used in RESTful environments, it is | As this framework can be used in RESTful environments, it is | |||
important to make sure that attackers cannot perform unauthorized | important to make sure that attackers cannot perform unauthorized | |||
requests on the authz-info endpoints, other than submitting access | requests on the authz-info endpoints, other than submitting access | |||
tokens. | tokens. | |||
Specifically it SHOULD NOT be possible to perform GET, DELETE or PUT | Specifically, it SHOULD NOT be possible to perform GET, DELETE, or | |||
on the authz-info endpoint. | PUT on the authz-info endpoint. | |||
The RS SHOULD implement rate limiting measures to mitigate attacks | The RS SHOULD implement rate-limiting measures to mitigate attacks | |||
aiming to overload the processing capacity of the RS by repeatedly | aiming to overload the processing capacity of the RS by repeatedly | |||
submitting tokens. For CoAP-based communication the RS could use the | submitting tokens. For CoAP-based communication, the RS could use | |||
mechanisms from [RFC8516] to indicate that it is overloaded. | the mechanisms from [RFC8516] to indicate that it is overloaded. | |||
5.10.2. Client Requests to the RS | 5.10.2. Client Requests to the RS | |||
Before sending a request to an RS, the client MUST verify that the | Before sending a request to an RS, the client MUST verify that the | |||
keys used to protect this communication are still valid. See | keys used to protect this communication are still valid. See | |||
Section 5.10.4 for details on how the client determines the validity | Section 5.10.4 for details on how the client determines the validity | |||
of the keys used. | of the keys used. | |||
If an RS receives a request from a client, and the target resource | If an RS receives a request from a client and the target resource | |||
requires authorization, the RS MUST first verify that it has an | requires authorization, the RS MUST first verify that it has an | |||
access token that authorizes this request, and that the client has | access token that authorizes this request and that the client has | |||
performed the proof-of-possession binding that token to the request. | performed the proof-of-possession binding for that token to the | |||
request. | ||||
The response code MUST be 4.01 (Unauthorized) in case the client has | The response code MUST be 4.01 (Unauthorized) in case the client has | |||
not performed the proof-of-possession, or if RS has no valid access | not performed the proof of possession or if the RS has no valid | |||
token for the client. If RS has an access token for the client but | access token for the client. If the RS has an access token for the | |||
the token does not authorize access for the resource that was | client but the token does not authorize access for the resource that | |||
requested, RS MUST reject the request with a 4.03 (Forbidden). If RS | was requested, the RS MUST reject the request with a 4.03 | |||
has an access token for the client but it does not cover the action | (Forbidden). If the RS has an access token for the client but it | |||
that was requested on the resource, RS MUST reject the request with a | does not cover the action that was requested on the resource, the RS | |||
4.05 (Method Not Allowed). | MUST reject the request with a 4.05 (Method Not Allowed). | |||
Note: The use of the response codes 4.03 and 4.05 is intended to | Note: The use of the response codes 4.03 and 4.05 is intended to | |||
prevent infinite loops where a dumb client optimistically tries to | prevent infinite loops where a dumb client optimistically tries to | |||
access a requested resource with any access token received from AS. | access a requested resource with any access token received from AS. | |||
As malicious clients could pretend to be C to determine C's | As malicious clients could pretend to be the C to determine the C's | |||
privileges, these detailed response codes must be used only when a | privileges, these detailed response codes must be used only when a | |||
certain level of security is already available which can be achieved | certain level of security is already available, which can be achieved | |||
only when the client is authenticated. | only when the client is authenticated. | |||
Note: The RS MAY use introspection for timely validation of an access | Note: The RS MAY use introspection for timely validation of an access | |||
token, at the time when a request is presented. | token at the time when a request is presented. | |||
Note: Matching the claims of the access token (e.g., scope) to a | Note: Matching the claims of the access token (e.g., scope) to a | |||
specific request is application specific. | specific request is application specific. | |||
If the request matches a valid token and the client has performed the | If the request matches a valid token and the client has performed the | |||
proof-of-possession for that token, the RS continues to process the | proof of possession for that token, the RS continues to process the | |||
request as specified by the underlying application. | request as specified by the underlying application. | |||
5.10.3. Token Expiration | 5.10.3. Token Expiration | |||
Depending on the capabilities of the RS, there are various ways in | Depending on the capabilities of the RS, there are various ways in | |||
which it can verify the expiration of a received access token. Here | which it can verify the expiration of a received access token. The | |||
follows a list of the possibilities including what functionality they | following is a list of the possibilities including what functionality | |||
require of the RS. | they require of the RS. | |||
* The token is a CWT and includes an "exp" claim and possibly the | * The token is a CWT and includes an "exp" claim and possibly the | |||
"nbf" claim. The RS verifies these by comparing them to values | "nbf" claim. The RS verifies these by comparing them to values | |||
from its internal clock as defined in [RFC7519]. In this case the | from its internal clock, as defined in [RFC7519]. In this case, | |||
RS's internal clock must reflect the current date and time, or at | the RS's internal clock must reflect the current date and time or | |||
least be synchronized with the AS's clock. How this clock | at least be synchronized with the AS's clock. How this clock | |||
synchronization would be performed is out of scope for this | synchronization would be performed is out of scope for this | |||
specification. | specification. | |||
* The RS verifies the validity of the token by performing an | * The RS verifies the validity of the token by performing an | |||
introspection request as specified in Section 5.9. This requires | introspection request, as specified in Section 5.9. This requires | |||
the RS to have a reliable network connection to the AS and to be | the RS to have a reliable network connection to the AS and to be | |||
able to handle two secure sessions in parallel (C to RS and RS to | able to handle two secure sessions in parallel (C to RS and RS to | |||
AS). | AS). | |||
* In order to support token expiration for devices that have no | * In order to support token expiration for devices that have no | |||
reliable way of synchronizing their internal clocks, this | reliable way of synchronizing their internal clocks, this | |||
specification defines the following approach: The claim "exi" | specification defines the following approach: The claim "exi" | |||
("expires in") can be used, to provide the RS with the lifetime of | ("expires in") can be used to provide the RS with the lifetime of | |||
the token in seconds from the time the RS first receives the | the token in seconds from the time the RS first receives the | |||
token. This mechanism only works for self-contained tokens, i.e. | token. This mechanism only works for self-contained tokens, i.e., | |||
CWTs and JWTs. For CWTs this parameter is encoded as unsigned | CWTs and JWTs. For CWTs, this parameter is encoded as an unsigned | |||
integer, while JWTs encode this as JSON number. | integer, while JWTs encode this as JSON number. | |||
* Processing this claim requires that the RS does the following: | * Processing this claim requires that the RS does the following: | |||
- For each token the RS receives, that contains an "exi" claim: | - For each token the RS receives that contains an "exi" claim, | |||
Keep track of the time it received that token and revisit that | keep track of the time it received that token and revisit that | |||
list regularly to expunge expired tokens. | list regularly to expunge expired tokens. | |||
- Keep track of the identifiers of tokens containing the "exi" | - Keep track of the identifiers of tokens containing the "exi" | |||
claim that have expired (in order to avoid accepting them | claim that have expired (in order to avoid accepting them | |||
again). In order to avoid an unbounded memory usage growth, | again). In order to avoid an unbounded memory usage growth, | |||
this MUST be implemented in the following way when the "exi" | this MUST be implemented in the following way when the "exi" | |||
claim is used: | claim is used: | |||
o When creating the token, the AS MUST add a 'cti' claim ( or | o When creating the token, the AS MUST add a 'cti' claim ( or | |||
'jti' for JWTs) to the access token. The value of this | 'jti' for JWTs) to the access token. The value of this | |||
claim MUST be created as the binary representation of the | claim MUST be created as the binary representation of the | |||
concatenation of the identifier of the RS with a sequence | concatenation of the identifier of the RS with a sequence | |||
number counting the tokens containing an 'exi' claim, issued | number counting the tokens containing an 'exi' claim, issued | |||
by this AS for the RS. | by this AS for the RS. | |||
o The RS MUST store the highest sequence number of an expired | o The RS MUST store the highest sequence number of an expired | |||
token containing the "exi" claim that it has seen, and treat | token containing the "exi" claim that it has seen and treat | |||
tokens with lower sequence numbers as expired. Note that | tokens with lower sequence numbers as expired. Note that | |||
this could lead to discarding valid tokens with lower | this could lead to discarding valid tokens with lower | |||
sequence numbers, if the AS where to issue tokens of | sequence numbers if the AS where to issue tokens of | |||
different validity time for the same RS. The assumption is | different validity time for the same RS. The assumption is | |||
that typically tokens in such a scenario would all have the | that typically tokens in such a scenario would all have the | |||
same validity time. | same validity time. | |||
If a token that authorizes a long running request such as a CoAP | If a token that authorizes a long-running request, such as a CoAP | |||
Observe [RFC7641] expires, the RS MUST send an error response with | Observe [RFC7641], expires, the RS MUST send an error response with | |||
the response code equivalent to the CoAP code 4.01 (Unauthorized) to | the response code equivalent to the CoAP code 4.01 (Unauthorized) to | |||
the client and then terminate processing the long running request. | the client and then terminate processing the long-running request. | |||
5.10.4. Key Expiration | 5.10.4. Key Expiration | |||
The AS provides the client with key material that the RS uses. This | The AS provides the client with key material that the RS uses. This | |||
can either be a common symmetric PoP-key, or an asymmetric key used | can either be a common symmetric PoP key or an asymmetric key used by | |||
by the RS to authenticate towards the client. Since there is | the RS to authenticate towards the client. Since there is currently | |||
currently no expiration metadata associated to those keys, the client | no expiration metadata associated to those keys, the client has no | |||
has no way of knowing if these keys are still valid. This may lead | way of knowing if these keys are still valid. This may lead to | |||
to situations where the client sends requests containing sensitive | situations where the client sends requests containing sensitive | |||
information to the RS using a key that is expired and possibly in the | information to the RS using a key that is expired and possibly in the | |||
hands of an attacker, or accepts responses from the RS that are not | hands of an attacker or where the client accepts responses from the | |||
properly protected and could possibly have been forged by an | RS that are not properly protected and could possibly have been | |||
attacker. | forged by an attacker. | |||
In order to prevent this, the client must assume that those keys are | In order to prevent this, the client must assume that those keys are | |||
only valid as long as the related access token is. Since the access | only valid as long as the related access token is. Since the access | |||
token is opaque to the client, one of the following methods MUST be | token is opaque to the client, one of the following methods MUST be | |||
used to inform the client about the validity of an access token: | used to inform the client about the validity of an access token: | |||
* The client knows a default validity time for all tokens it is | * The client knows a default validity time for all tokens it is | |||
using (i.e. how long a token is valid after being issued). This | using (i.e., how long a token is valid after being issued). This | |||
information could be provisioned to the client when it is | information could be provisioned to the client when it is | |||
registered at the AS, or published by the AS in a way that the | registered at the AS or published by the AS in a way that the | |||
client can query. | client can query. | |||
* The AS informs the client about the token validity using the | * The AS informs the client about the token validity using the | |||
"expires_in" parameter in the Access Information. | "expires_in" parameter in the Access Information. | |||
A client that is not able to obtain information about the expiration | A client that is not able to obtain information about the expiration | |||
of a token MUST NOT use this token. | of a token MUST NOT use this token. | |||
6. Security Considerations | 6. Security Considerations | |||
Security considerations applicable to authentication and | Security considerations applicable to authentication and | |||
authorization in RESTful environments provided in OAuth 2.0 [RFC6749] | authorization in RESTful environments provided in OAuth 2.0 [RFC6749] | |||
apply to this work. Furthermore [RFC6819] provides additional | apply to this work. Furthermore, [RFC6819] provides additional | |||
security considerations for OAuth which apply to IoT deployments as | security considerations for OAuth, which apply to IoT deployments as | |||
well. If the introspection endpoint is used, the security | well. If the introspection endpoint is used, the security | |||
considerations from [RFC7662] also apply. | considerations from [RFC7662] also apply. | |||
The following subsections address issues specific to this document | The following subsections address issues specific to this document | |||
and it's use in constrained environments. | and its use in constrained environments. | |||
6.1. Protecting Tokens | 6.1. Protecting Tokens | |||
A large range of threats can be mitigated by protecting the contents | A large range of threats can be mitigated by protecting the contents | |||
of the access token by using a digital signature or a keyed message | of the access token by using a digital signature or a keyed message | |||
digest (MAC) or an Authenticated Encryption with Associated Data | digest, e.g., a Message Authentication Code (MAC) or an Authenticated | |||
(AEAD) algorithm. Consequently, the token integrity protection MUST | Encryption with Associated Data (AEAD) algorithm. Consequently, the | |||
be applied to prevent the token from being modified, particularly | token integrity protection MUST be applied to prevent the token from | |||
since it contains a reference to the symmetric key or the asymmetric | being modified, particularly since it contains a reference to the | |||
key used for proof-of-possession. If the access token contains the | symmetric key or the asymmetric key used for proof of possession. If | |||
symmetric key, this symmetric key MUST be encrypted by the | the access token contains the symmetric key, this symmetric key MUST | |||
authorization server so that only the resource server can decrypt it. | be encrypted by the authorization server so that only the resource | |||
Note that using an AEAD algorithm is preferable over using a MAC | server can decrypt it. Note that using an AEAD algorithm is | |||
unless the token needs to be publicly readable. | preferable over using a MAC unless the token needs to be publicly | |||
readable. | ||||
If the token is intended for multiple recipients (i.e. an audience | If the token is intended for multiple recipients (i.e., an audience | |||
that is a group), integrity protection of the token with a symmetric | that is a group), integrity protection of the token with a symmetric | |||
key, shared between the AS and the recipients, is not sufficient, | key, shared between the AS and the recipients, is not sufficient, | |||
since any of the recipients could modify the token undetected by the | since any of the recipients could modify the token undetected by the | |||
other recipients. Therefore a token with a multi-recipient audience | other recipients. Therefore, a token with a multirecipient audience | |||
MUST be protected with an asymmetric signature. | MUST be protected with an asymmetric signature. | |||
It is important for the authorization server to include the identity | It is important for the authorization server to include the identity | |||
of the intended recipient (the audience), typically a single resource | of the intended recipient (the audience), typically a single resource | |||
server (or a list of resource servers), in the token. The same | server (or a list of resource servers), in the token. The same | |||
shared secret MUST NOT be used as proof-of-possession key with | shared secret MUST NOT be used as a proof-of-possession key with | |||
multiple resource servers since the benefit from using the proof-of- | multiple resource servers, since the benefit from using the proof-of- | |||
possession concept is then significantly reduced. | possession concept is then significantly reduced. | |||
If clients are capable of doing so, they should frequently request | If clients are capable of doing so, they should frequently request | |||
fresh access tokens, as this allows the AS to keep the lifetime of | fresh access tokens, as this allows the AS to keep the lifetime of | |||
the tokens short. This allows the AS to use shorter proof-of- | the tokens short. This allows the AS to use shorter proof-of- | |||
possession key sizes, which translate to a performance benefit for | possession key sizes, which translate to a performance benefit for | |||
the client and for the resource server. Shorter keys also lead to | the client and for the resource server. Shorter keys also lead to | |||
shorter messages (particularly with asymmetric keying material). | shorter messages (particularly with asymmetric keying material). | |||
When authorization servers bind symmetric keys to access tokens, they | When authorization servers bind symmetric keys to access tokens, they | |||
SHOULD scope these access tokens to a specific permission. | SHOULD scope these access tokens to a specific permission. | |||
In certain situations it may be necessary to revoke an access token | In certain situations, it may be necessary to revoke an access token | |||
that is still valid. Client-initiated revocation is specified in | that is still valid. Client-initiated revocation is specified in | |||
[RFC7009] for OAuth 2.0. Other revocation mechanisms are currently | [RFC7009] for OAuth 2.0. Other revocation mechanisms are currently | |||
not specified, as the underlying assumption in OAuth is that access | not specified, as the underlying assumption in OAuth is that access | |||
tokens are issued with a relatively short lifetime. This may not | tokens are issued with a relatively short lifetime. This may not | |||
hold true for disconnected constrained devices, needing access tokens | hold true for disconnected constrained devices needing access tokens | |||
with relatively long lifetimes, and would therefore necessitate | with relatively long lifetimes and would therefore necessitate | |||
further standardization work that is out of scope for this document. | further standardization work that is out of scope for this document. | |||
6.2. Communication Security | 6.2. Communication Security | |||
Communication with the authorization server MUST use confidentiality | Communication with the authorization server MUST use confidentiality | |||
protection. This step is extremely important since the client or the | protection. This step is extremely important since the client or the | |||
RS may obtain the proof-of-possession key from the authorization | RS may obtain the proof-of-possession key from the authorization | |||
server for use with a specific access token. Not using | server for use with a specific access token. Not using | |||
confidentiality protection exposes this secret (and the access token) | confidentiality protection exposes this secret (and the access token) | |||
to an eavesdropper thereby completely negating proof-of-possession | to an eavesdropper, thereby completely negating proof-of-possession | |||
security. The requirements for communication security of profiles | security. The requirements for communication security of profiles | |||
are specified in Section 5. | are specified in Section 5. | |||
Additional protection for the access token can be applied by | Additional protection for the access token can be applied by | |||
encrypting it, for example encryption of CWTs is specified in | encrypting it, for example, encryption of CWTs is specified in | |||
Section 5.1 of [RFC8392]. Such additional protection can be | Section 5.1 of [RFC8392]. Such additional protection can be | |||
necessary if the token is later transferred over an insecure | necessary if the token is later transferred over an insecure | |||
connection (e.g. when it is sent to the authz-info endpoint). | connection (e.g., when it is sent to the authz-info endpoint). | |||
Care must by taken by developers to prevent leakage of the PoP | Care must be taken by developers to prevent leakage of the PoP | |||
credentials (i.e., the private key or the symmetric key). An | credentials (i.e., the private key or the symmetric key). An | |||
adversary in possession of the PoP credentials bound to the access | adversary in possession of the PoP credentials bound to the access | |||
token will be able to impersonate the client. Be aware that this is | token will be able to impersonate the client. Be aware that this is | |||
a real risk with many constrained environments, since adversaries may | a real risk with many constrained environments, since adversaries may | |||
get physical access to the devices and can therefore use physical | get physical access to the devices and can therefore use physical | |||
extraction techniques to gain access to memory contents. This risk | extraction techniques to gain access to memory contents. This risk | |||
can be mitigated to some extent by making sure that keys are | can be mitigated to some extent by making sure that keys are | |||
refreshed frequently, by using software isolation techniques and by | refreshed frequently, by using software isolation techniques, and by | |||
using hardware security. | using hardware security. | |||
6.3. Long-Term Credentials | 6.3. Long-Term Credentials | |||
Both clients and RSs have long-term credentials that are used to | Both the clients and RSs have long-term credentials that are used to | |||
secure communications, and authenticate to the AS. These credentials | secure communications and authenticate to the AS. These credentials | |||
need to be protected against unauthorized access. In constrained | need to be protected against unauthorized access. In constrained | |||
devices, deployed in publicly accessible places, such protection can | devices deployed in publicly accessible places, such protection can | |||
be difficult to achieve without specialized hardware (e.g. secure key | be difficult to achieve without specialized hardware (e.g., secure | |||
storage memory). | key storage memory). | |||
If credentials are lost or compromised, the operator of the affected | If credentials are lost or compromised, the operator of the affected | |||
devices needs to have procedures to invalidate any access these | devices needs to have procedures to invalidate any access these | |||
credentials give and to revoke tokens linked to such credentials. | credentials give and needs to revoke tokens linked to such | |||
The loss of a credential linked to a specific device MUST NOT lead to | credentials. The loss of a credential linked to a specific device | |||
a compromise of other credentials not linked to that device, | MUST NOT lead to a compromise of other credentials not linked to that | |||
therefore secret keys used for authentication MUST NOT be shared | device; therefore, secret keys used for authentication MUST NOT be | |||
between more than two parties. | shared between more than two parties. | |||
Operators of clients or RS SHOULD have procedures in place to replace | Operators of the clients or RSs SHOULD have procedures in place to | |||
credentials that are suspected to have been compromised or that have | replace credentials that are suspected to have been compromised or | |||
been lost. | that have been lost. | |||
Operators also SHOULD have procedures for decommissioning devices, | Operators also SHOULD have procedures for decommissioning devices | |||
that include securely erasing credentials and other security critical | that include securely erasing credentials and other security-critical | |||
material in the devices being decommissioned. | material in the devices being decommissioned. | |||
6.4. Unprotected AS Request Creation Hints | 6.4. Unprotected AS Request Creation Hints | |||
Initially, no secure channel exists to protect the communication | Initially, no secure channel exists to protect the communication | |||
between C and RS. Thus, C cannot determine if the "AS Request | between the C and RS. Thus, the C cannot determine if the "AS | |||
Creation Hints" contained in an unprotected response from RS to an | Request Creation Hints" contained in an unprotected response from the | |||
unauthorized request (see Section 5.3) are authentic. C therefore | RS to an unauthorized request (see Section 5.3) are authentic. | |||
MUST determine if an AS is authorized to provide access tokens for a | Therefore, the C MUST determine if an AS is authorized to provide | |||
certain RS. How this determination is implemented is out of scope | access tokens for a certain RS. How this determination is | |||
for this document and left to the applications. | implemented is out of scope for this document and left to the | |||
applications. | ||||
6.5. Minimal Security Requirements for Communication | 6.5. Minimal Security Requirements for Communication | |||
This section summarizes the minimal requirements for the | This section summarizes the minimal requirements for the | |||
communication security of the different protocol interactions. | communication security of the different protocol interactions. | |||
C-AS All communication between the client and the Authorization | C-AS | |||
Server MUST be encrypted, integrity and replay protected. | All communication between the client and the authorization server | |||
Furthermore responses from the AS to the client MUST be bound to | MUST be encrypted and integrity and replay protected. | |||
Furthermore, responses from the AS to the client MUST be bound to | ||||
the client's request to avoid attacks where the attacker swaps the | the client's request to avoid attacks where the attacker swaps the | |||
intended response for an older one valid for a previous request. | intended response for an older one valid for a previous request. | |||
This requires that the client and the Authorization Server have | This requires that the client and the authorization server have | |||
previously exchanged either a shared secret or their public keys | previously exchanged either a shared secret or their public keys | |||
in order to negotiate a secure communication. Furthermore the | in order to negotiate a secure communication. Furthermore, the | |||
client MUST be able to determine whether an AS has the authority | client MUST be able to determine whether an AS has the authority | |||
to issue access tokens for a certain RS. This can for example be | to issue access tokens for a certain RS. This can, for example, | |||
done through pre-configured lists, or through an online lookup | be done through preconfigured lists or through an online lookup | |||
mechanism that in turn also must be secured. | mechanism that in turn also must be secured. | |||
RS-AS The communication between the Resource Server and the | RS-AS | |||
Authorization Server via the introspection endpoint MUST be | The communication between the resource server and the | |||
encrypted, integrity and replay protected. Furthermore responses | authorization server via the introspection endpoint MUST be | |||
from the AS to the RS MUST be bound to the RS's request. This | encrypted and integrity and replay protected. Furthermore, | |||
requires that the RS and the Authorization Server have previously | responses from the AS to the RS MUST be bound to the RS's request. | |||
exchanged either a shared secret, or their public keys in order to | This requires that the RS and the authorization server have | |||
negotiate a secure communication. Furthermore the RS MUST be able | previously exchanged either a shared secret or their public keys | |||
to determine whether an AS has the authority to issue access | in order to negotiate a secure communication. Furthermore, the RS | |||
tokens itself. This is usually configured out of band, but could | MUST be able to determine whether an AS has the authority to issue | |||
also be performed through an online lookup mechanism provided that | access tokens itself. This is usually configured out of band but | |||
it is also secured in the same way. | could also be performed through an online lookup mechanism, | |||
provided that it is also secured in the same way. | ||||
C-RS The initial communication between the client and the Resource | C-RS | |||
Server can not be secured in general, since the RS is not in | The initial communication between the client and the resource | |||
server cannot be secured in general, since the RS is not in | ||||
possession of on access token for that client, which would carry | possession of on access token for that client, which would carry | |||
the necessary parameters. If both parties support DTLS without | the necessary parameters. If both parties support DTLS without | |||
client authentication it is RECOMMEND to use this mechanism for | client authentication, it is RECOMMENDED to use this mechanism for | |||
protecting the initial communication. After the client has | protecting the initial communication. After the client has | |||
successfully transmitted the access token to the RS, a secure | successfully transmitted the access token to the RS, a secure | |||
communication protocol MUST be established between client and RS | communication protocol MUST be established between the client and | |||
for the actual resource request. This protocol MUST provide | RS for the actual resource request. This protocol MUST provide | |||
confidentiality, integrity and replay protection as well as a | confidentiality, integrity, and replay protection, as well as a | |||
binding between requests and responses. This requires that the | binding between requests and responses. This requires that the | |||
client learned either the RS's public key or received a symmetric | client learned either the RS's public key or received a symmetric | |||
proof-of-possession key bound to the access token from the AS. | proof-of-possession key bound to the access token from the AS. | |||
The RS must have learned either the client's public key or a | The RS must have learned either the client's public key, a shared | |||
shared symmetric key from the claims in the token or an | symmetric key from the claims in the token, or an introspection | |||
introspection request. Since ACE does not provide profile | request. Since ACE does not provide profile negotiation between | |||
negotiation between C and RS, the client MUST have learned what | the C and RS, the client MUST have learned what profile the RS | |||
profile the RS supports (e.g. from the AS or pre-configured) and | supports (e.g., from the AS or preconfigured) and initiated the | |||
initiate the communication accordingly. | communication accordingly. | |||
6.6. Token Freshness and Expiration | 6.6. Token Freshness and Expiration | |||
An RS that is offline faces the problem of clock drift. Since it | An RS that is offline faces the problem of clock drift. Since it | |||
cannot synchronize its clock with the AS, it may be tricked into | cannot synchronize its clock with the AS, it may be tricked into | |||
accepting old access tokens that are no longer valid or have been | accepting old access tokens that are no longer valid or have been | |||
compromised. In order to prevent this, an RS may use the nonce-based | compromised. In order to prevent this, an RS may use the nonce-based | |||
mechanism (cnonce) defined in Section 5.3 to ensure freshness of an | mechanism (cnonce) defined in Section 5.3 to ensure freshness of an | |||
Access Token subsequently presented to this RS. | Access Token subsequently presented to this RS. | |||
Another problem with clock drift is that evaluating the standard | Another problem with clock drift is that evaluating the standard | |||
token expiration claim "exp" can give unpredictable results. | token expiration claim "exp" can give unpredictable results. | |||
Acceptable ranges of clock drift are highly dependent on the concrete | Acceptable ranges of clock drift are highly dependent on the concrete | |||
application. Important factors are how long access tokens are valid, | application. Important factors are how long access tokens are valid | |||
and how critical timely expiration of access token is. | and how critical timely expiration of the access token is. | |||
The expiration mechanism implemented by the "exi" claim, based on the | The expiration mechanism implemented by the "exi" claim, based on the | |||
first time the RS sees the token was defined to provide a more | first time the RS sees the token, was defined to provide a more | |||
predictable alternative. The "exi" approach has some drawbacks that | predictable alternative. The "exi" approach has some drawbacks that | |||
need to be considered: | need to be considered: | |||
A malicious client may hold back tokens with the "exi" claim in | * A malicious client may hold back tokens with the "exi" claim in | |||
order to prolong their lifespan. | order to prolong their lifespan. | |||
If an RS loses state (e.g. due to an unscheduled reboot), it may | * If an RS loses state (e.g., due to an unscheduled reboot), it may | |||
lose the current values of counters tracking the "exi" claims of | lose the current values of counters tracking the "exi" claims of | |||
tokens it is storing. | tokens it is storing. | |||
The first drawback is inherent to the deployment scenario and the | The first drawback is inherent to the deployment scenario and the | |||
"exi" solution. It can therefore not be mitigated without requiring | "exi" solution. It can therefore not be mitigated without requiring | |||
the RS be online at times. The second drawback can be mitigated by | the RS be online at times. The second drawback can be mitigated by | |||
regularly storing the value of "exi" counters to persistent memory. | regularly storing the value of "exi" counters to persistent memory. | |||
6.7. Combining Profiles | 6.7. Combining Profiles | |||
There may be use cases where different transport and security | There may be use cases where different transport and security | |||
protocols are allowed for the different interactions, and, if that is | protocols are allowed for the different interactions, and, if that is | |||
not explicitly covered by an existing profile, it corresponds to | not explicitly covered by an existing profile, it corresponds to | |||
combining profiles into a new one. For example, a new profile could | combining profiles into a new one. For example, a new profile could | |||
specify that a previously-defined MQTT-TLS profile is used between | specify that a previously defined MQTT-TLS profile is used between | |||
the client and the RS in combination with a previously-defined CoAP- | the client and the RS in combination with a previously defined CoAP- | |||
DTLS profile for interactions between the client and the AS. The new | DTLS profile for interactions between the client and the AS. The new | |||
profile that combines existing profiles MUST specify how the existing | profile that combines existing profiles MUST specify how the existing | |||
profiles' security properties are achieved. Any profile therefore | profiles' security properties are achieved. Therefore, any profile | |||
MUST clearly specify its security requirements and MUST document if | MUST clearly specify its security requirements and MUST document if | |||
its security depends on the combination of various protocol | its security depends on the combination of various protocol | |||
interactions. | interactions. | |||
6.8. Unprotected Information | 6.8. Unprotected Information | |||
Communication with the authz-info endpoint, as well as the various | Communication with the authz-info endpoint, as well as the various | |||
error responses defined in this framework, all potentially include | error responses defined in this framework, potentially includes | |||
sending information over an unprotected channel. These messages may | sending information over an unprotected channel. These messages may | |||
leak information to an adversary, or may be manipulated by active | leak information to an adversary or may be manipulated by active | |||
attackers to induce incorrect behavior. For example error responses | attackers to induce incorrect behavior. For example, error responses | |||
for requests to the Authorization Information endpoint can reveal | for requests to the authorization information endpoint can reveal | |||
information about an otherwise opaque access token to an adversary | information about an otherwise opaque access token to an adversary | |||
who has intercepted this token. | who has intercepted this token. | |||
As far as error messages are concerned, this framework is written | As far as error messages are concerned, this framework is written | |||
under the assumption that, in general, the benefits of detailed error | under the assumption that, in general, the benefits of detailed error | |||
messages outweigh the risk due to information leakage. For | messages outweigh the risk due to information leakage. For | |||
particular use cases, where this assessment does not apply, detailed | particular use cases where this assessment does not apply, detailed | |||
error messages can be replaced by more generic ones. | error messages can be replaced by more generic ones. | |||
In some scenarios it may be possible to protect the communication | In some scenarios, it may be possible to protect the communication | |||
with the authz-info endpoint (e.g. through DTLS with only server-side | with the authz-info endpoint (e.g., through DTLS with only server- | |||
authentication). In cases where this is not possible, it is | side authentication). In cases where this is not possible, it is | |||
RECOMMENDED to use encrypted CWTs or tokens that are opaque | RECOMMENDED to use encrypted CWTs or tokens that are opaque | |||
references and need to be subjected to introspection by the RS. | references and need to be subjected to introspection by the RS. | |||
If the initial unauthorized resource request message (see | If the initial Unauthorized Resource Request message (see | |||
Section 5.2) is used, the client MUST make sure that it is not | Section 5.2) is used, the client MUST make sure that it is not | |||
sending sensitive content in this request. While GET and DELETE | sending sensitive content in this request. While GET and DELETE | |||
requests only reveal the target URI of the resource, POST and PUT | requests only reveal the target URI of the resource, POST and PUT | |||
requests would reveal the whole payload of the intended operation. | requests would reveal the whole payload of the intended operation. | |||
Since the client is not authenticated at the point when it is | Since the client is not authenticated at the point when it is | |||
submitting an access token to the authz-info endpoint, attackers may | submitting an access token to the authz-info endpoint, attackers may | |||
be pretending to be a client and trying to trick an RS to use an | be pretending to be a client and trying to trick an RS to use an | |||
obsolete profile that in turn specifies a vulnerable security | obsolete profile that in turn specifies a vulnerable security | |||
mechanism via the authz-info endpoint. Such an attack would require | mechanism via the authz-info endpoint. Such an attack would require | |||
a valid access token containing an "ace_profile" claim requesting the | a valid access token containing an "ace_profile" claim requesting the | |||
use of said obsolete profile. Resource Owners should update the | use of said obsolete profile. Resource owners should update the | |||
configuration of their RS's to prevent them from using such obsolete | configuration of their RSs to prevent them from using such obsolete | |||
profiles. | profiles. | |||
6.9. Identifying Audiences | 6.9. Identifying Audiences | |||
The audience claim as defined in [RFC7519] and the equivalent | The audience claim, as defined in [RFC7519], and the equivalent | |||
"audience" parameter from [RFC8693] are intentionally vague on how to | "audience" parameter from [RFC8693] are intentionally vague on how to | |||
match the audience value to a specific RS. This is intended to allow | match the audience value to a specific RS. This is intended to allow | |||
application specific semantics to be used. This section attempts to | application-specific semantics to be used. This section attempts to | |||
give some general guidance for the use of audiences in constrained | give some general guidance for the use of audiences in constrained | |||
environments. | environments. | |||
URLs are not a good way of identifying mobile devices that can switch | URLs are not a good way of identifying mobile devices that can switch | |||
networks and thus be associated with new URLs. If the audience | networks and thus be associated with new URLs. If the audience | |||
represents a single RS, and asymmetric keys are used, the RS can be | represents a single RS and asymmetric keys are used, the RS can be | |||
uniquely identified by a hash of its public key. If this approach is | uniquely identified by a hash of its public key. If this approach is | |||
used it is RECOMMENDED to apply the procedure from section 3 of | used, it is RECOMMENDED to apply the procedure from Section 3 of | |||
[RFC6920]. | [RFC6920]. | |||
If the audience addresses a group of resource servers, the mapping of | If the audience addresses a group of resource servers, the mapping of | |||
group identifier to individual RS has to be provisioned to each RS | a group identifier to an individual RS has to be provisioned to each | |||
before the group-audience is usable. Managing dynamic groups could | RS before the group-audience is usable. Managing dynamic groups | |||
be an issue, if any RS is not always reachable when the groups' | could be an issue if any RS is not always reachable when the groups' | |||
memberships change. Furthermore, issuing access tokens bound to | memberships change. Furthermore, issuing access tokens bound to | |||
symmetric proof-of-possession keys that apply to a group-audience is | symmetric proof-of-possession keys that apply to a group-audience is | |||
problematic, as an RS that is in possession of the access token can | problematic, as an RS that is in possession of the access token can | |||
impersonate the client towards the other RSs that are part of the | impersonate the client towards the other RSs that are part of the | |||
group. It is therefore NOT RECOMMENDED to issue access tokens bound | group. It is therefore NOT RECOMMENDED to issue access tokens bound | |||
to a group audience and symmetric proof-of possession keys. | to a group audience and symmetric proof-of possession keys. | |||
Even the client must be able to determine the correct values to put | Even the client must be able to determine the correct values to put | |||
into the "audience" parameter, in order to obtain a token for the | into the "audience" parameter in order to obtain a token for the | |||
intended RS. Errors in this process can lead to the client | intended RS. Errors in this process can lead to the client | |||
inadvertently obtaining a token for the wrong RS. The correct values | inadvertently obtaining a token for the wrong RS. The correct values | |||
for "audience" can either be provisioned to the client as part of its | for "audience" can either be provisioned to the client as part of its | |||
configuration, or dynamically looked up by the client in some | configuration or dynamically looked up by the client in some | |||
directory. In the latter case the integrity and correctness of the | directory. In the latter case, the integrity and correctness of the | |||
directory data must be assured. Note that the "audience" hint | directory data must be assured. Note that the "audience" hint | |||
provided by the RS as part of the "AS Request Creation Hints" | provided by the RS as part of the "AS Request Creation Hints" | |||
Section 5.3 is not typically source authenticated and integrity | (Section 5.3) is not typically source authenticated and integrity | |||
protected, and should therefore not be treated a trusted value. | protected and should therefore not be treated a trusted value. | |||
6.10. Denial of Service Against or with Introspection | 6.10. Denial of Service Against or with Introspection | |||
The optional introspection mechanism provided by OAuth and supported | The optional introspection mechanism provided by OAuth and supported | |||
in the ACE framework allows for two types of attacks that need to be | in the ACE framework allows for two types of attacks that need to be | |||
considered by implementers. | considered by implementers. | |||
First, an attacker could perform a denial of service attack against | First, an attacker could perform a denial-of-service attack against | |||
the introspection endpoint at the AS in order to prevent validation | the introspection endpoint at the AS in order to prevent validation | |||
of access tokens. To maintain the security of the system, an RS that | of access tokens. To maintain the security of the system, an RS that | |||
is configured to use introspection MUST NOT allow access based on a | is configured to use introspection MUST NOT allow access based on a | |||
token for which it couldn't reach the introspection endpoint. | token for which it couldn't reach the introspection endpoint. | |||
Second, an attacker could use the fact that an RS performs | Second, an attacker could use the fact that an RS performs | |||
introspection to perform a denial of service attack against that RS | introspection to perform a denial-of-service attack against that RS | |||
by repeatedly sending tokens to its authz-info endpoint that require | by repeatedly sending tokens to its authz-info endpoint that require | |||
an introspection call. RS can mitigate such attacks by implementing | an introspection call. The RS can mitigate such attacks by | |||
rate limits on how many introspection requests they perform in a | implementing rate limits on how many introspection requests they | |||
given time interval for a certain client IP address submitting tokens | perform in a given time interval for a certain client IP address | |||
to /authz-info. When that limit has been reached, incoming requests | submitting tokens to /authz-info. When that limit has been reached, | |||
from that address are rejected for a certain amount of time. A | incoming requests from that address are rejected for a certain amount | |||
general rate limit on the introspection requests should also be | of time. A general rate limit on the introspection requests should | |||
considered, to mitigate distributed attacks. | also be considered in order to mitigate distributed attacks. | |||
7. Privacy Considerations | 7. Privacy Considerations | |||
Implementers and users should be aware of the privacy implications of | Implementers and users should be aware of the privacy implications of | |||
the different possible deployments of this framework. | the different possible deployments of this framework. | |||
The AS is in a very central position and can potentially learn | The AS is in a very central position and can potentially learn | |||
sensitive information about the clients requesting access tokens. If | sensitive information about the clients requesting access tokens. If | |||
the client credentials grant is used, the AS can track what kind of | the client credentials grant is used, the AS can track what kind of | |||
access the client intends to perform. With other grants this can be | access the client intends to perform. With other grants, this can be | |||
prevented by the Resource Owner. To do so, the resource owner needs | prevented by the resource owner. To do so, the resource owner needs | |||
to bind the grants it issues to anonymous, ephemeral credentials that | to bind the grants it issues to anonymous, ephemeral credentials that | |||
do not allow the AS to link different grants and thus different | do not allow the AS to link different grants and thus different | |||
access token requests by the same client. | access token requests by the same client. | |||
The claims contained in a token can reveal privacy sensitive | The claims contained in a token can reveal privacy-sensitive | |||
information about the client and the RS to any party having access to | information about the client and the RS to any party having access to | |||
them (whether by processing the content of a self-contained token or | them (whether by processing the content of a self-contained token or | |||
by introspection). The AS SHOULD be configured to minimize the | by introspection). The AS SHOULD be configured to minimize the | |||
information about clients and RSs disclosed in the tokens it issues. | information about clients and RSs disclosed in the tokens it issues. | |||
If tokens are only integrity protected and not encrypted, they may | If tokens are only integrity protected and not encrypted, they may | |||
reveal information to attackers listening on the wire, or able to | reveal information to attackers listening on the wire or be able to | |||
acquire the access tokens in some other way. In the case of CWTs the | acquire the access tokens in some other way. In the case of CWTs, | |||
token may, e.g., reveal the audience, the scope and the confirmation | the token may, e.g., reveal the audience, the scope, and the | |||
method used by the client. The latter may reveal the identity of the | confirmation method used by the client. The latter may reveal the | |||
device or application running the client. This may be linkable to | identity of the device or application running the client. This may | |||
the identity of the person using the client (if there is a person and | be linkable to the identity of the person using the client (if there | |||
not a machine-to-machine interaction). | is a person and not a machine-to-machine interaction). | |||
Clients using asymmetric keys for proof-of-possession should be aware | Clients using asymmetric keys for proof of possession should be aware | |||
of the consequences of using the same key pair for proof-of- | of the consequences of using the same key pair for proof of | |||
possession towards different RSs. A set of colluding RSs or an | possession towards different RSs. A set of colluding RSs or an | |||
attacker able to obtain the access tokens will be able to link the | attacker able to obtain the access tokens will be able to link the | |||
requests, or even to determine the client's identity. | requests or even to determine the client's identity. | |||
An unprotected response to an unauthorized request (see Section 5.3) | An unprotected response to an unauthorized request (see Section 5.3) | |||
may disclose information about RS and/or its existing relationship | may disclose information about the RS and/or its existing | |||
with C. It is advisable to include as little information as possible | relationship with the C. It is advisable to include as little | |||
in an unencrypted response. Even the absolute URI of the AS may | information as possible in an unencrypted response. Even the | |||
reveal sensitive information about the service that RS provides. | absolute URI of the AS may reveal sensitive information about the | |||
Developers must ensure that the RS does not disclose information that | service that the RS provides. Developers must ensure that the RS | |||
has an impact on the privacy of the stakeholders in the "AS Request | does not disclose information that has an impact on the privacy of | |||
Creation Hints". They may choose to use a different mechanism for | the stakeholders in the "AS Request Creation Hints". They may choose | |||
the discovery of the AS if necessary. If means of encrypting | to use a different mechanism for the discovery of the AS if | |||
communication between C and RS already exist, more detailed | necessary. If means of encrypting communication between the C and RS | |||
information may be included with an error response to provide C with | already exist, more detailed information may be included with an | |||
sufficient information to react on that particular error. | error response to provide the C with sufficient information to react | |||
on that particular error. | ||||
8. IANA Considerations | 8. IANA Considerations | |||
This document creates several registries with a registration policy | This document creates several registries with a registration policy | |||
of "Expert Review"; guidelines to the experts are given in | of Expert Review; guidelines to the experts are given in | |||
Section 8.17. | Section 8.17. | |||
8.1. ACE Authorization Server Request Creation Hints | 8.1. ACE Authorization Server Request Creation Hints | |||
This specification establishes the IANA "ACE Authorization Server | This specification establishes the IANA "ACE Authorization Server | |||
Request Creation Hints" registry. The registry has been created to | Request Creation Hints" registry. | |||
use the "Expert Review" registration procedure [RFC8126]. It should | ||||
be noted that, in addition to the expert review, some portions of the | ||||
registry require a specification, potentially a Standards Track RFC, | ||||
be supplied as well. | ||||
The columns of the registry are: | The columns of the registry are: | |||
Name The name of the parameter | Name: The name of the parameter. | |||
CBOR Key CBOR map key for the parameter. Different ranges of values | CBOR Key: CBOR map key for the parameter. Different ranges of | |||
use different registration policies [RFC8126]. Integer values | values use different registration policies [RFC8126]. Integer | |||
from -256 to 255 are designated as Standards Action. Integer | values from -256 to 255 are designated as Standards Action. | |||
values from -65536 to -257 and from 256 to 65535 are designated as | Integer values from -65536 to -257 and from 256 to 65535 are | |||
Specification Required. Integer values greater than 65535 are | designated as Specification Required. Integer values greater than | |||
designated as Expert Review. Integer values less than -65536 are | 65535 are designated as Expert Review. Integer values less than | |||
marked as Private Use. | -65536 are marked as Private Use. | |||
Value Type The CBOR data types allowable for the values of this | Value Type: The CBOR data types allowable for the values of this | |||
parameter. | parameter. | |||
Reference This contains a pointer to the public specification of the | Reference: This contains a pointer to the public specification of | |||
request creation hint abbreviation, if one exists. | the Request Creation Hint abbreviation, if one exists. | |||
This registry will be initially populated by the values in Figure 2. | This registry has been initially populated by the values in Table 1. | |||
The Reference column for all of these entries will be this document. | The Reference column for all of these entries is this document. | |||
8.2. CoRE Resource Type Registry | 8.2. CoRE Resource Type Registry | |||
IANA is requested to register a new Resource Type (rt=) Link Target | IANA has registered a new Resource Type (rt=) Link Target Attribute | |||
Attribute in the "Resource Type (rt=) Link Target Attribute Values" | in the "Resource Type (rt=) Link Target Attribute Values" subregistry | |||
subregistry under the "Constrained RESTful Environments (CoRE) | under the "Constrained RESTful Environments (CoRE) Parameters" | |||
Parameters" [IANA.CoreParameters] registry: | [IANA.CoreParameters] registry: | |||
* Value: "ace.ai" | Value: ace.ai | |||
* Description: ACE-OAuth authz-info endpoint resource. | Description: ACE-OAuth authz-info endpoint resource. | |||
* Reference: [this document] | Reference: RFC 9200 | |||
Specific ACE-OAuth profiles can use this common resource type for | Specific ACE-OAuth profiles can use this common resource type for | |||
defining their profile-specific discovery processes. | defining their profile-specific discovery processes. | |||
8.3. OAuth Extensions Error Registration | 8.3. OAuth Extensions Error Registration | |||
This specification registers the following error values in the OAuth | This specification registers the following error values in the OAuth | |||
Extensions Error registry [IANA.OAuthExtensionsErrorRegistry]. | Extensions Error registry [IANA.OAuthExtensionsErrorRegistry]. | |||
* Error name: "unsupported_pop_key" | Error name: unsupported_pop_key | |||
* Error usage location: token error response | Error usage location: token error response | |||
* Related protocol extension: [this document] | Related protocol extension: RFC 9200 | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification document(s): Section 5.8.3 of [this document] | Specification document(s): Section 5.8.3 of RFC 9200 | |||
* Error name: "incompatible_ace_profiles" | Error name: incompatible_ace_profiles | |||
* Error usage location: token error response | Error usage location: token error response | |||
* Related protocol extension: [this document] | Related protocol extension: RFC 9200 | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification document(s): Section 5.8.3 of [this document] | Specification document(s): Section 5.8.3 of RFC 9200 | |||
8.4. OAuth Error Code CBOR Mappings Registry | 8.4. OAuth Error Code CBOR Mappings Registry | |||
This specification establishes the IANA "OAuth Error Code CBOR | This specification establishes the IANA "OAuth Error Code CBOR | |||
Mappings" registry. The registry has been created to use the "Expert | Mappings" registry. | |||
Review" registration procedure [RFC8126], except for the value range | ||||
designated for private use. | ||||
The columns of the registry are: | The columns of the registry are: | |||
Name The OAuth Error Code name, refers to the name in Section 5.2. | Name: The OAuth Error Code name, refers to the name in Section 5.2 | |||
of [RFC6749], e.g., "invalid_request". | of [RFC6749], e.g., "invalid_request". | |||
CBOR Value CBOR abbreviation for this error code. Integer values | ||||
less than -65536 are marked as "Private Use", all other values use | CBOR Value: CBOR abbreviation for this error code. Integer values | |||
the registration policy "Expert Review" [RFC8126]. | less than -65536 are marked as Private Use; all other values use | |||
Reference This contains a pointer to the public specification of the | the registration policy Expert Review [RFC8126]. | |||
error code abbreviation, if one exists. | ||||
Original Specification This contains a pointer to the public | Reference: This contains a pointer to the public specification of | |||
the error code abbreviation, if one exists. | ||||
Original Specification: This contains a pointer to the public | ||||
specification of the error code, if one exists. | specification of the error code, if one exists. | |||
This registry will be initially populated by the values in Figure 10. | This registry has been initially populated by the values in Table 3. | |||
The Reference column for all of these entries will be this document. | The Reference column for all of these entries is this document. | |||
8.5. OAuth Grant Type CBOR Mappings | 8.5. OAuth Grant Type CBOR Mappings | |||
This specification establishes the IANA "OAuth Grant Type CBOR | This specification establishes the IANA "OAuth Grant Type CBOR | |||
Mappings" registry. The registry has been created to use the "Expert | Mappings" registry. | |||
Review" registration procedure [RFC8126], except for the value range | ||||
designated for private use. | ||||
The columns of this registry are: | The columns of this registry are: | |||
Name The name of the grant type as specified in Section 1.3 of | Name: The name of the grant type, as specified in Section 1.3 of | |||
[RFC6749]. | [RFC6749]. | |||
CBOR Value CBOR abbreviation for this grant type. Integer values | ||||
less than -65536 are marked as "Private Use", all other values use | CBOR Value: CBOR abbreviation for this grant type. Integer values | |||
the registration policy "Expert Review" [RFC8126]. | less than -65536 are marked as Private Use; all other values use | |||
Reference This contains a pointer to the public specification of the | the registration policy Expert Review [RFC8126]. | |||
grant type abbreviation, if one exists. | ||||
Original Specification This contains a pointer to the public | Reference: This contains a pointer to the public specification of | |||
the grant type abbreviation, if one exists. | ||||
Original Specification: This contains a pointer to the public | ||||
specification of the grant type, if one exists. | specification of the grant type, if one exists. | |||
This registry will be initially populated by the values in Figure 11. | This registry has been initially populated by the values in Table 4. | |||
The Reference column for all of these entries will be this document. | The Reference column for all of these entries is this document. | |||
8.6. OAuth Access Token Types | 8.6. OAuth Access Token Types | |||
This section registers the following new token type in the "OAuth | This section registers the following new token type in the "OAuth | |||
Access Token Types" registry [IANA.OAuthAccessTokenTypes]. | Access Token Types" registry [IANA.OAuthAccessTokenTypes]. | |||
* Type name: "PoP" | Type name: PoP | |||
* Additional Token Endpoint Response Parameters: "cnf", "rs_cnf" see | Additional Token Endpoint Response Parameters: "cnf", "rs_cnf" (see | |||
section 3.1 of [RFC8747] and section 3.1 of | Section 3.1 of [RFC8747] Section 3.2 of [RFC9201]). | |||
[I-D.ietf-ace-oauth-params]. | HTTP Authentication Scheme(s): N/A | |||
* HTTP Authentication Scheme(s): N/A | Change Controller: IETF | |||
* Change Controller: IETF | Specification document(s): RFC 9200 | |||
* Specification document(s): [this document] | ||||
8.7. OAuth Access Token Type CBOR Mappings | 8.7. OAuth Access Token Type CBOR Mappings | |||
This specification established the IANA "OAuth Access Token Type CBOR | This specification establishes the IANA "OAuth Access Token Type CBOR | |||
Mappings" registry. The registry has been created to use the "Expert | Mappings" registry. | |||
Review" registration procedure [RFC8126], except for the value range | ||||
designated for private use. | ||||
The columns of this registry are: | The columns of this registry are: | |||
Name The name of token type as registered in the OAuth Access Token | Name: The name of the token type, as registered in the "OAuth Access | |||
Types registry, e.g., "Bearer". | Token Types" registry, e.g., "Bearer". | |||
CBOR Value CBOR abbreviation for this token type. Integer values | ||||
less than -65536 are marked as "Private Use", all other values use | CBOR Value: CBOR abbreviation for this token type. Integer values | |||
the registration policy "Expert Review" [RFC8126]. | less than -65536 are marked as Private Use; all other values use | |||
Reference This contains a pointer to the public specification of the | the registration policy Expert Review [RFC8126]. | |||
OAuth token type abbreviation, if one exists. | ||||
Original Specification This contains a pointer to the public | Reference: This contains a pointer to the public specification of | |||
the OAuth token type abbreviation, if one exists. | ||||
Original Specification: This contains a pointer to the public | ||||
specification of the OAuth token type, if one exists. | specification of the OAuth token type, if one exists. | |||
8.7.1. Initial Registry Contents | 8.7.1. Initial Registry Contents | |||
* Name: "Bearer" | Name: Bearer | |||
* Value: 1 | Value: 1 | |||
* Reference: [this document] | Reference: RFC 9200 | |||
* Original Specification: [RFC6749] | Original Specification: [RFC6749] | |||
* Name: "PoP" | Name: PoP | |||
* Value: 2 | Value: 2 | |||
* Reference: [this document] | Reference: RFC 9200 | |||
* Original Specification: [this document] | Original Specification: RFC 9200 | |||
8.8. ACE Profile Registry | 8.8. ACE Profile Registry | |||
This specification establishes the IANA "ACE Profile" registry. The | This specification establishes the IANA "ACE Profile" registry. | |||
registry has been created to use the "Expert Review" registration | ||||
procedure [RFC8126]. It should be noted that, in addition to the | ||||
expert review, some portions of the registry require a specification, | ||||
potentially a Standards Track RFC, be supplied as well. | ||||
The columns of this registry are: | The columns of this registry are: | |||
Name The name of the profile, to be used as value of the profile | Name: The name of the profile to be used as the value of the profile | |||
attribute. | attribute. | |||
Description Text giving an overview of the profile and the context | ||||
Description: Text giving an overview of the profile and the context | ||||
it is developed for. | it is developed for. | |||
CBOR Value CBOR abbreviation for this profile name. Different | ||||
CBOR Value: CBOR abbreviation for this profile name. Different | ||||
ranges of values use different registration policies [RFC8126]. | ranges of values use different registration policies [RFC8126]. | |||
Integer values from -256 to 255 are designated as Standards | Integer values from -256 to 255 are designated as Standards | |||
Action. Integer values from -65536 to -257 and from 256 to 65535 | Action. Integer values from -65536 to -257 and from 256 to 65535 | |||
are designated as Specification Required. Integer values greater | are designated as Specification Required. Integer values greater | |||
than 65535 are designated as "Expert Review". Integer values less | than 65535 are designated as Expert Review. Integer values less | |||
than -65536 are marked as Private Use. | than -65536 are marked as Private Use. | |||
Reference This contains a pointer to the public specification of the | ||||
profile abbreviation, if one exists. | ||||
This registry will be initially empty and will be populated by the | Reference: This contains a pointer to the public specification of | |||
registrations from the ACE framework profiles. | the profile abbreviation, if one exists. | |||
8.9. OAuth Parameter Registration | 8.9. OAuth Parameter Registration | |||
This specification registers the following parameter in the "OAuth | This specification registers the following parameter in the "OAuth | |||
Parameters" registry [IANA.OAuthParameters]: | Parameters" registry [IANA.OAuthParameters]: | |||
* Name: "ace_profile" | Name: ace_profile | |||
* Parameter Usage Location: token response | Parameter Usage Location: token response | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.8.2 and Section 5.8.4.3 of [this document] | Reference: Sections 5.8.2 and 5.8.4.3 of RFC 9200 | |||
8.10. OAuth Parameters CBOR Mappings Registry | 8.10. OAuth Parameters CBOR Mappings Registry | |||
This specification establishes the IANA "OAuth Parameters CBOR | This specification establishes the IANA "OAuth Parameters CBOR | |||
Mappings" registry. The registry has been created to use the "Expert | Mappings" registry. | |||
Review" registration procedure [RFC8126], except for the value range | ||||
designated for private use. | ||||
The columns of this registry are: | The columns of this registry are: | |||
Name The OAuth Parameter name, refers to the name in the OAuth | Name: The OAuth Parameter name, refers to the name in the OAuth | |||
parameter registry, e.g., "client_id". | parameter registry, e.g., "client_id". | |||
CBOR Key CBOR map key for this parameter. Integer values less than | CBOR Key: CBOR map key for this parameter. Integer values less than | |||
-65536 are marked as "Private Use", all other values use the | -65536 are marked as Private Use; all other values use the | |||
registration policy "Expert Review" [RFC8126]. | registration policy Expert Review [RFC8126]. | |||
Value Type The allowable CBOR data types for values of this | ||||
Value Type: The allowable CBOR data types for values of this | ||||
parameter. | parameter. | |||
Reference This contains a pointer to the public specification of the | ||||
OAuth parameter abbreviation, if one exists. | Reference: This contains a pointer to the public specification of | |||
the OAuth parameter abbreviation, if one exists. | ||||
Original Specification This contains a pointer to the public | Original Specification This contains a pointer to the public | |||
specification of the OAuth parameter, if one exists. | specification of the OAuth parameter, if one exists. | |||
This registry will be initially populated by the values in Figure 12. | This registry has been initially populated by the values in Table 5. | |||
The Reference column for all of these entries will be this document. | The Reference column for all of these entries is this document. | |||
8.11. OAuth Introspection Response Parameter Registration | 8.11. OAuth Introspection Response Parameter Registration | |||
This specification registers the following parameters in the OAuth | This specification registers the following parameters in the OAuth | |||
Token Introspection Response registry | Token Introspection Response registry | |||
[IANA.TokenIntrospectionResponse]. | [IANA.TokenIntrospectionResponse]. | |||
* Name: "ace_profile" | Name: ace_profile | |||
* Description: The ACE profile used between client and RS. | Description: The ACE profile used between the client and RS. | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.9.2 of [this document] | Reference: Section 5.9.2 of RFC 9200 | |||
* Name: "cnonce" | Name: cnonce | |||
* Description: "client-nonce". A nonce previously provided to the | ||||
AS by the RS via the client. Used to verify token freshness when | ||||
the RS cannot synchronize its clock with the AS. | ||||
* Change Controller: IETF | ||||
* Reference: Section 5.9.2 of [this document] | ||||
* Name: "cti" | Description: "client-nonce". A nonce previously provided to the AS | |||
* Description: "CWT ID". The identifier of a CWT as defined in | by the RS via the client. Used to verify token freshness when the | |||
RS cannot synchronize its clock with the AS. | ||||
Change Controller: IETF | ||||
Reference: Section 5.9.2 of RFC 9200 | ||||
Name cti | ||||
Description "CWT ID". The identifier of a CWT as defined in | ||||
[RFC8392]. | [RFC8392]. | |||
* Change Controller: IETF | Change Controller IETF | |||
* Reference: Section 5.9.2 of [this document] | Reference Section 5.9.2 of RFC 9200 | |||
* Name: "exi" | Name: exi | |||
* Description: "Expires in". Lifetime of the token in seconds from | Description: "Expires in". Lifetime of the token in seconds from | |||
the time the RS first sees it. Used to implement a weaker from of | the time the RS first sees it. Used to implement a weaker form of | |||
token expiration for devices that cannot synchronize their | token expiration for devices that cannot synchronize their | |||
internal clocks. | internal clocks. | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.9.2 of [this document] | Reference: Section 5.9.2 of RFC 9200 | |||
8.12. OAuth Token Introspection Response CBOR Mappings Registry | 8.12. OAuth Token Introspection Response CBOR Mappings Registry | |||
This specification establishes the IANA "OAuth Token Introspection | This specification establishes the IANA "OAuth Token Introspection | |||
Response CBOR Mappings" registry. The registry has been created to | Response CBOR Mappings" registry. | |||
use the "Expert Review" registration procedure [RFC8126], except for | ||||
the value range designated for private use. | ||||
The columns of this registry are: | The columns of this registry are: | |||
Name The OAuth Parameter name, refers to the name in the OAuth | Name: The OAuth Parameter name, refers to the name in the OAuth | |||
parameter registry, e.g., "client_id". | parameter registry, e.g., "client_id". | |||
CBOR Key CBOR map key for this parameter. Integer values less than | ||||
-65536 are marked as "Private Use", all other values use the | CBOR Key: CBOR map key for this parameter. Integer values less than | |||
registration policy "Expert Review" [RFC8126]. | -65536 are marked as Private Use; all other values use the | |||
Value Type The allowable CBOR data types for values of this | registration policy Expert Review [RFC8126]. | |||
Value Type: The allowable CBOR data types for values of this | ||||
parameter. | parameter. | |||
Reference This contains a pointer to the public specification of the | ||||
introspection response parameter abbreviation, if one exists. | Reference: This contains a pointer to the public specification of | |||
the introspection response parameter abbreviation, if one exists. | ||||
Original Specification This contains a pointer to the public | Original Specification This contains a pointer to the public | |||
specification of OAuth Token Introspection parameter, if one | specification of the OAuth Token Introspection parameter, if one | |||
exists. | exists. | |||
This registry will be initially populated by the values in Figure 16. | This registry has been initially populated by the values in Table 6. | |||
The Reference column for all of these entries will be this document. | The Reference column for all of these entries is this document. | |||
Note that the mappings of parameters corresponding to claim names | Note that the mappings of parameters corresponding to claim names | |||
intentionally coincide with the CWT claim name mappings from | intentionally coincide with the CWT claim name mappings from | |||
[RFC8392]. | [RFC8392]. | |||
8.13. JSON Web Token Claims | 8.13. JSON Web Token Claims | |||
This specification registers the following new claims in the JSON Web | This specification registers the following new claims in the JSON Web | |||
Token (JWT) registry of JSON Web Token Claims | Token (JWT) registry of JSON Web Token Claims | |||
[IANA.JsonWebTokenClaims]: | [IANA.JsonWebTokenClaims]: | |||
* Claim Name: "ace_profile" | Claim Name: ace_profile | |||
* Claim Description: The ACE profile a token is supposed to be used | Claim Description: The ACE profile a token is supposed to be used | |||
with. | with. | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.10 of [this document] | Reference: Section 5.10 of RFC 9200 | |||
* Claim Name: "cnonce" | Claim Name: cnonce | |||
* Claim Description: "client-nonce". A nonce previously provided to | Claim Description: "client-nonce". A nonce previously provided to | |||
the AS by the RS via the client. Used to verify token freshness | the AS by the RS via the client. Used to verify token freshness | |||
when the RS cannot synchronize its clock with the AS. | when the RS cannot synchronize its clock with the AS. | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.10 of [this document] | Reference: Section 5.10 of RFC 9200 | |||
* Claim Name: "exi" | ||||
* Claim Description: "Expires in". Lifetime of the token in seconds | Claim Name: exi | |||
Claim Description: "Expires in". Lifetime of the token in seconds | ||||
from the time the RS first sees it. Used to implement a weaker | from the time the RS first sees it. Used to implement a weaker | |||
from of token expiration for devices that cannot synchronize their | form of token expiration for devices that cannot synchronize their | |||
internal clocks. | internal clocks. | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Reference: Section 5.10.3 of [this document] | Reference: Section 5.10.3 of RFC 9200 | |||
8.14. CBOR Web Token Claims | 8.14. CBOR Web Token Claims | |||
This specification registers the following new claims in the "CBOR | This specification registers the following new claims in the "CBOR | |||
Web Token (CWT) Claims" registry [IANA.CborWebTokenClaims]. | Web Token (CWT) Claims" registry [IANA.CborWebTokenClaims]. | |||
* Claim Name: "ace_profile" | Claim Name: ace_profile | |||
* Claim Description: The ACE profile a token is supposed to be used | Claim Description: The ACE profile a token is supposed to be used | |||
with. | with. | |||
* JWT Claim Name: ace_profile | JWT Claim Name: ace_profile | |||
* Claim Key: TBD (suggested: 38) | Claim Key: 38 | |||
* Claim Value Type(s): integer | Claim Value Type(s): integer | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification Document(s): Section 5.10 of [this document] | Specification Document(s): Section 5.10 of RFC 9200 | |||
* Claim Name: "cnonce" | Claim Name: cnonce | |||
* Claim Description: The client-nonce sent to the AS by the RS via | Claim Description: The client-nonce sent to the AS by the RS via the | |||
the client. | client. | |||
* JWT Claim Name: cnonce | JWT Claim Name: cnonce | |||
* Claim Key: TBD (suggested: 39) | Claim Key: 39 | |||
* Claim Value Type(s): byte string | Claim Value Type(s): byte string | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification Document(s): Section 5.10 of [this document] | Specification Document(s): Section 5.10 of RFC 9200 | |||
* Claim Name: "exi" | Claim Name: exi | |||
* Claim Description: The expiration time of a token measured from | Claim Description: The expiration time of a token measured from when | |||
when it was received at the RS in seconds. | it was received at the RS in seconds. | |||
* JWT Claim Name: exi | JWT Claim Name: exi | |||
* Claim Key: TBD (suggested: 40) | Claim Key: 40 | |||
* Claim Value Type(s): integer | Claim Value Type(s): integer | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification Document(s): Section 5.10.3 of [this document] | Specification Document(s): Section 5.10.3 of RFC 9200 | |||
* Claim Name: "scope" | Claim Name: scope | |||
* Claim Description: The scope of an access token as defined in | Claim Description: The scope of an access token, as defined in | |||
[RFC6749]. | [RFC6749]. | |||
* JWT Claim Name: scope | JWT Claim Name: scope | |||
* Claim Key: TBD (suggested: 9) | Claim Key: 9 | |||
* Claim Value Type(s): byte string or text string | Claim Value Type(s): byte string or text string | |||
* Change Controller: IETF | Change Controller: IETF | |||
* Specification Document(s): Section 4.2 of [RFC8693] | Specification Document(s): Section 4.2 of [RFC8693] | |||
8.15. Media Type Registrations | 8.15. Media Type Registration | |||
This specification registers the 'application/ace+cbor' media type | This specification registers the "application/ace+cbor" media type | |||
for messages of the protocols defined in this document carrying | for messages of the protocols defined in this document carrying | |||
parameters encoded in CBOR. This registration follows the procedures | parameters encoded in CBOR. This registration follows the procedures | |||
specified in [RFC6838]. | specified in [RFC6838]. | |||
Type name: application | Type name: application | |||
Subtype name: ace+cbor | Subtype name: ace+cbor | |||
Required parameters: N/A | Required parameters: N/A | |||
Optional parameters: N/A | Optional parameters: N/A | |||
Encoding considerations: Must be encoded as CBOR map containing the | Encoding considerations: Must be encoded as a CBOR map containing | |||
protocol parameters defined in [this document]. | the protocol parameters defined in RFC 9200. | |||
Security considerations: See Section 6 of [this document] | Security considerations: See Section 6 of RFC 9200 | |||
Interoperability considerations: N/A | Interoperability considerations: N/A | |||
Published specification: [this document] | Published specification: RFC 9200 | |||
Applications that use this media type: The type is used by | Applications that use this media type: The type is used by | |||
authorization servers, clients and resource servers that support the | authorization servers, clients, and resource servers that support | |||
ACE framework with CBOR encoding as specified in [this document]. | the ACE framework with CBOR encoding, as specified in RFC 9200. | |||
Fragment identifier considerations: N/A | Fragment identifier considerations: N/A | |||
Additional information: N/A | Additional information: N/A | |||
Person & email address to contact for further information: | Person & email address to contact for further information: | |||
<iesg@ietf.org> | IESG <iesg@ietf.org> | |||
Intended usage: COMMON | Intended usage: COMMON | |||
Restrictions on usage: none | Restrictions on usage: none | |||
Author: Ludwig Seitz <ludwig.seitz@combitech.se> | Author: Ludwig Seitz <ludwig.seitz@combitech.se> | |||
Change controller: IETF | Change controller: IETF | |||
8.16. CoAP Content-Format Registry | 8.16. CoAP Content-Format Registry | |||
This specification registers the following entry to the "CoAP | The following entry has been registered in the "CoAP Content-Formats" | |||
Content-Formats" registry: | registry: | |||
Media Type: application/ace+cbor | ||||
Encoding: - | ||||
ID: TBD (suggested: 19) | ||||
Reference: [this document] | Media Type: application/ace+cbor | |||
Encoding: - | ||||
ID: 19 | ||||
Reference: RFC 9200 | ||||
8.17. Expert Review Instructions | 8.17. Expert Review Instructions | |||
All of the IANA registries established in this document are defined | All of the IANA registries established in this document are defined | |||
to use a registration policy of Expert Review. This section gives | to use a registration policy of Expert Review. This section gives | |||
some general guidelines for what the experts should be looking for, | some general guidelines for what the experts should be looking for, | |||
but they are being designated as experts for a reason, so they should | but they are being designated as experts for a reason, so they should | |||
be given substantial latitude. | be given substantial latitude. | |||
Expert reviewers should take into consideration the following points: | Expert Reviewers should take into consideration the following points: | |||
* Point squatting should be discouraged. Reviewers are encouraged | * Point squatting should be discouraged. Reviewers are encouraged | |||
to get sufficient information for registration requests to ensure | to get sufficient information for registration requests to ensure | |||
that the usage is not going to duplicate one that is already | that the usage is not going to duplicate one that is already | |||
registered, and that the point is likely to be used in | registered and that the point is likely to be used in deployments. | |||
deployments. The zones tagged as private use are intended for | The zones tagged as Private Use are intended for testing purposes | |||
testing purposes and closed environments; code points in other | and closed environments; code points in other ranges should not be | |||
ranges should not be assigned for testing. | assigned for testing. | |||
* Specifications are needed for the first-come, first-serve range if | * Specifications are needed for the first-come, first-serve range if | |||
they are expected to be used outside of closed environments in an | they are expected to be used outside of closed environments in an | |||
interoperable way. When specifications are not provided, the | interoperable way. When specifications are not provided, the | |||
description provided needs to have sufficient information to | description provided needs to have sufficient information to | |||
identify what the point is being used for. | identify what the point is being used for. | |||
* Experts should take into account the expected usage of fields when | * Experts should take into account the expected usage of fields when | |||
approving point assignment. The fact that there is a range for | approving point assignment. The fact that there is a range for | |||
standards track documents does not mean that a standards track | Standards Track documents does not mean that a Standards Track | |||
document cannot have points assigned outside of that range. The | document cannot have points assigned outside of that range. The | |||
length of the encoded value should be weighed against how many | length of the encoded value should be weighed against how many | |||
code points of that length are left, the size of device it will be | code points of that length are left, i.e., the size of device it | |||
used on. | will be used on. | |||
* Since a high degree of overlap is expected between these | * Since a high degree of overlap is expected between these | |||
registries and the contents of the OAuth parameters | registries and the contents of the OAuth parameters | |||
[IANA.OAuthParameters] registries, experts should require new | [IANA.OAuthParameters] registries, experts should require new | |||
registrations to maintain alignment with parameters from OAuth | registrations to maintain alignment with parameters from OAuth | |||
that have comparable functionality. Deviation from this alignment | that have comparable functionality. Deviation from this alignment | |||
should only be allowed if there are functional differences, that | should only be allowed if there are functional differences that | |||
are motivated by the use case and that cannot be easily or | are motivated by the use case and that cannot be easily or | |||
efficiently addressed by comparable OAuth parameters. | efficiently addressed by comparable OAuth parameters. | |||
9. Acknowledgments | 9. References | |||
This document is a product of the ACE working group of the IETF. | ||||
Thanks to Eve Maler for her contributions to the use of OAuth 2.0 and | ||||
UMA in IoT scenarios, Robert Taylor for his discussion input, and | ||||
Malisa Vucinic for his input on the predecessors of this proposal. | ||||
Thanks to the authors of draft-ietf-oauth-pop-key-distribution, from | ||||
where parts of the security considerations where copied. | ||||
Thanks to Stefanie Gerdes, Olaf Bergmann, and Carsten Bormann for | ||||
contributing their work on AS discovery from draft-gerdes-ace-dcaf- | ||||
authorize (see Section 5.1) and the considerations on multiple access | ||||
tokens. | ||||
Thanks to Jim Schaad and Mike Jones for their comprehensive reviews. | ||||
Thanks to Benjamin Kaduk for his input on various questions related | ||||
to this work. | ||||
Thanks to Cigdem Sengul for some very useful review comments. | ||||
Thanks to Carsten Bormann for contributing the text for the CoRE | ||||
Resource Type registry. | ||||
Thanks to Roman Danyliw for suggesting the Appendix E (including its | ||||
contents). | ||||
Ludwig Seitz and Goeran Selander worked on this document as part of | ||||
the CelticPlus project CyberWI, with funding from Vinnova. Ludwig | ||||
Seitz was also received further funding for this work by Vinnova in | ||||
the context of the CelticNext project Critisec. | ||||
10. References | ||||
10.1. Normative References | ||||
[I-D.ietf-ace-oauth-params] | 9.1. Normative References | |||
Seitz, L., "Additional OAuth Parameters for Authorization | ||||
in Constrained Environments (ACE)", Work in Progress, | ||||
Internet-Draft, draft-ietf-ace-oauth-params-15, 6 May | ||||
2021, <https://www.ietf.org/archive/id/draft-ietf-ace- | ||||
oauth-params-15.txt>. | ||||
[IANA.CborWebTokenClaims] | [IANA.CborWebTokenClaims] | |||
IANA, "CBOR Web Token (CWT) Claims", | IANA, "CBOR Web Token (CWT) Claims", | |||
<https://www.iana.org/assignments/cwt/cwt.xhtml#claims- | <https://www.iana.org/assignments/cwt>. | |||
registry>. | ||||
[IANA.CoreParameters] | [IANA.CoreParameters] | |||
IANA, "Constrained RESTful Environments (CoRE) | IANA, "Constrained RESTful Environments (CoRE) | |||
Parameters", <https://www.iana.org/assignments/core- | Parameters", | |||
parameters/core-parameters.xhtml>. | <https://www.iana.org/assignments/core-parameters>. | |||
[IANA.JsonWebTokenClaims] | [IANA.JsonWebTokenClaims] | |||
IANA, "JSON Web Token Claims", | IANA, "JSON Web Token Claims", | |||
<https://www.iana.org/assignments/jwt/jwt.xhtml#claims>. | <https://www.iana.org/assignments/jwt>. | |||
[IANA.OAuthAccessTokenTypes] | [IANA.OAuthAccessTokenTypes] | |||
IANA, "OAuth Access Token Types", | IANA, "OAuth Access Token Types", | |||
<https://www.iana.org/assignments/oauth-parameters/oauth- | <https://www.iana.org/assignments/oauth-parameters>. | |||
parameters.xhtml#token-types>. | ||||
[IANA.OAuthExtensionsErrorRegistry] | [IANA.OAuthExtensionsErrorRegistry] | |||
IANA, "OAuth Extensions Error Registry", | IANA, "OAuth Extensions Error Registry", | |||
<https://www.iana.org/assignments/oauth-parameters/oauth- | <https://www.iana.org/assignments/oauth-parameters>. | |||
parameters.xhtml#extensions-error>. | ||||
[IANA.OAuthParameters] | [IANA.OAuthParameters] | |||
IANA, "OAuth Parameters", | IANA, "OAuth Parameters", | |||
<https://www.iana.org/assignments/oauth-parameters/oauth- | <https://www.iana.org/assignments/oauth-parameters>. | |||
parameters.xhtml#parameters>. | ||||
[IANA.TokenIntrospectionResponse] | [IANA.TokenIntrospectionResponse] | |||
IANA, "OAuth Token Introspection Response", | IANA, "OAuth Token Introspection Response", | |||
<https://www.iana.org/assignments/oauth-parameters/oauth- | <https://www.iana.org/assignments/oauth-parameters>. | |||
parameters.xhtml#token-introspection-response>. | ||||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | |||
Resource Identifier (URI): Generic Syntax", STD 66, | Resource Identifier (URI): Generic Syntax", STD 66, | |||
RFC 3986, DOI 10.17487/RFC3986, January 2005, | RFC 3986, DOI 10.17487/RFC3986, January 2005, | |||
<https://www.rfc-editor.org/info/rfc3986>. | <https://www.rfc-editor.org/info/rfc3986>. | |||
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data | ||||
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, | ||||
<https://www.rfc-editor.org/info/rfc4648>. | ||||
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer | [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer | |||
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, | Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, | |||
January 2012, <https://www.rfc-editor.org/info/rfc6347>. | January 2012, <https://www.rfc-editor.org/info/rfc6347>. | |||
[RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", | [RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", | |||
RFC 6749, DOI 10.17487/RFC6749, October 2012, | RFC 6749, DOI 10.17487/RFC6749, October 2012, | |||
<https://www.rfc-editor.org/info/rfc6749>. | <https://www.rfc-editor.org/info/rfc6749>. | |||
[RFC6750] Jones, M. and D. Hardt, "The OAuth 2.0 Authorization | [RFC6750] Jones, M. and D. Hardt, "The OAuth 2.0 Authorization | |||
Framework: Bearer Token Usage", RFC 6750, | Framework: Bearer Token Usage", RFC 6750, | |||
skipping to change at page 63, line 20 ¶ | skipping to change at line 2946 ¶ | |||
[RFC8747] Jones, M., Seitz, L., Selander, G., Erdtman, S., and H. | [RFC8747] Jones, M., Seitz, L., Selander, G., Erdtman, S., and H. | |||
Tschofenig, "Proof-of-Possession Key Semantics for CBOR | Tschofenig, "Proof-of-Possession Key Semantics for CBOR | |||
Web Tokens (CWTs)", RFC 8747, DOI 10.17487/RFC8747, March | Web Tokens (CWTs)", RFC 8747, DOI 10.17487/RFC8747, March | |||
2020, <https://www.rfc-editor.org/info/rfc8747>. | 2020, <https://www.rfc-editor.org/info/rfc8747>. | |||
[RFC8949] Bormann, C. and P. Hoffman, "Concise Binary Object | [RFC8949] Bormann, C. and P. Hoffman, "Concise Binary Object | |||
Representation (CBOR)", STD 94, RFC 8949, | Representation (CBOR)", STD 94, RFC 8949, | |||
DOI 10.17487/RFC8949, December 2020, | DOI 10.17487/RFC8949, December 2020, | |||
<https://www.rfc-editor.org/info/rfc8949>. | <https://www.rfc-editor.org/info/rfc8949>. | |||
10.2. Informative References | [RFC9201] Seitz, L., "Additional OAuth Parameters for Authentication | |||
and Authorization in Constrained Environments (ACE)", | ||||
RFC 9201, DOI 10.17487/RFC9201, March 2022, | ||||
<https://www.rfc-editor.org/info/rfc9201>. | ||||
[BLE] Bluetooth SIG, "Bluetooth Core Specification v5.1", | 9.2. Informative References | |||
Section 4.4, January 2019, | ||||
[BLE] Bluetooth Special Interest Group, "Core Specification | ||||
5.3", Section 4.4, July 2021, | ||||
<https://www.bluetooth.com/specifications/bluetooth-core- | <https://www.bluetooth.com/specifications/bluetooth-core- | |||
specification/>. | specification/>. | |||
[I-D.erdtman-ace-rpcc] | [DCAF] Gerdes, S., Bergmann, O., and C. Bormann, "Delegated CoAP | |||
Seitz, L. and S. Erdtman, "Raw-Public-Key and Pre-Shared- | Authentication and Authorization Framework (DCAF)", Work | |||
Key as OAuth client credentials", Work in Progress, | in Progress, Internet-Draft, draft-gerdes-ace-dcaf- | |||
Internet-Draft, draft-erdtman-ace-rpcc-02, 30 October | authorize-04, 19 October 2015, | |||
2017, <https://www.ietf.org/archive/id/draft-erdtman-ace- | <https://datatracker.ietf.org/doc/html/draft-gerdes-ace- | |||
rpcc-02.txt>. | dcaf-authorize-04>. | |||
[I-D.ietf-ace-dtls-authorize] | ||||
Gerdes, S., Bergmann, O., Bormann, C., Selander, G., and | ||||
L. Seitz, "Datagram Transport Layer Security (DTLS) | ||||
Profile for Authentication and Authorization for | ||||
Constrained Environments (ACE)", Work in Progress, | ||||
Internet-Draft, draft-ietf-ace-dtls-authorize-18, 4 June | ||||
2021, <https://www.ietf.org/archive/id/draft-ietf-ace- | ||||
dtls-authorize-18.txt>. | ||||
[I-D.ietf-ace-oscore-profile] | ||||
Palombini, F., Seitz, L., Selander, G., and M. Gunnarsson, | ||||
"OSCORE Profile of the Authentication and Authorization | ||||
for Constrained Environments Framework", Work in Progress, | ||||
Internet-Draft, draft-ietf-ace-oscore-profile-19, 6 May | ||||
2021, <https://www.ietf.org/archive/id/draft-ietf-ace- | ||||
oscore-profile-19.txt>. | ||||
[I-D.ietf-quic-transport] | ||||
Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed | ||||
and Secure Transport", Work in Progress, Internet-Draft, | ||||
draft-ietf-quic-transport-34, 14 January 2021, | ||||
<https://www.ietf.org/archive/id/draft-ietf-quic- | ||||
transport-34.txt>. | ||||
[I-D.ietf-tls-dtls13] | ||||
Rescorla, E., Tschofenig, H., and N. Modadugu, "The | ||||
Datagram Transport Layer Security (DTLS) Protocol Version | ||||
1.3", Work in Progress, Internet-Draft, draft-ietf-tls- | ||||
dtls13-43, 30 April 2021, <https://www.ietf.org/internet- | ||||
drafts/draft-ietf-tls-dtls13-43.txt>. | ||||
[Margi10impact] | [Margi10impact] | |||
Margi, C. B., de Oliveira, B.T., de Sousa, G.T., Simplicio | Margi, C., de Oliveira, B., de Sousa, G., Simplicio Jr, | |||
Jr, M.A., Barreto, P.S.L.M., Carvalho, T.C.M.B., Naeslund, | M., Barreto, P., Carvalho, T., Naeslund, M., and R. Gold, | |||
M., and R. Gold, "Impact of Operating Systems on Wireless | "Impact of Operating Systems on Wireless Sensor Networks | |||
Sensor Networks (Security) Applications and Testbeds", | (Security) Applications and Testbeds", Proceedings of the | |||
Proceedings of the 19th International Conference on | 19th International Conference on Computer Communications | |||
Computer Communications and Networks (ICCCN), August 2010. | and Networks, DOI 10.1109/ICCCN.2010.5560028, August 2010, | |||
<https://doi.org/10.1109/ICCCN.2010.5560028>. | ||||
[MQTT5.0] Banks, A., Briggs, E., Borgendale, K., and R. Gupta, "MQTT | [MQTT5.0] Banks, A., Briggs, E., Borgendale, K., and R. Gupta, "MQTT | |||
Version 5.0", OASIS Standard, March 2019, | Version 5.0", OASIS Standard, March 2019, | |||
<https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt- | <https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt- | |||
v5.0.html>. | v5.0.html>. | |||
[OAUTH-RPCC] | ||||
Seitz, L., Erdtman, S., and M. Tiloca, "Raw-Public-Key and | ||||
Pre-Shared-Key as OAuth client credentials", Work in | ||||
Progress, Internet-Draft, draft-erdtman-oauth-rpcc-00, 21 | ||||
November 2017, <https://datatracker.ietf.org/doc/html/ | ||||
draft-erdtman-oauth-rpcc-00>. | ||||
[POP-KEY-DIST] | ||||
Bradley, J., Hunt, P., Jones, M., Tschofenig, H., and M. | ||||
Meszaros, "OAuth 2.0 Proof-of-Possession: Authorization | ||||
Server to Client Key Distribution", Work in Progress, | ||||
Internet-Draft, draft-ietf-oauth-pop-key-distribution-07, | ||||
27 March 2019, <https://datatracker.ietf.org/doc/html/ | ||||
draft-ietf-oauth-pop-key-distribution-07>. | ||||
[RFC4949] Shirey, R., "Internet Security Glossary, Version 2", | [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", | |||
FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, | FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, | |||
<https://www.rfc-editor.org/info/rfc4949>. | <https://www.rfc-editor.org/info/rfc4949>. | |||
[RFC6690] Shelby, Z., "Constrained RESTful Environments (CoRE) Link | [RFC6690] Shelby, Z., "Constrained RESTful Environments (CoRE) Link | |||
Format", RFC 6690, DOI 10.17487/RFC6690, August 2012, | Format", RFC 6690, DOI 10.17487/RFC6690, August 2012, | |||
<https://www.rfc-editor.org/info/rfc6690>. | <https://www.rfc-editor.org/info/rfc6690>. | |||
[RFC6819] Lodderstedt, T., Ed., McGloin, M., and P. Hunt, "OAuth 2.0 | [RFC6819] Lodderstedt, T., Ed., McGloin, M., and P. Hunt, "OAuth 2.0 | |||
Threat Model and Security Considerations", RFC 6819, | Threat Model and Security Considerations", RFC 6819, | |||
skipping to change at page 66, line 29 ¶ | skipping to change at line 3085 ¶ | |||
[RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, | [RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, | |||
"Object Security for Constrained RESTful Environments | "Object Security for Constrained RESTful Environments | |||
(OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, | (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, | |||
<https://www.rfc-editor.org/info/rfc8613>. | <https://www.rfc-editor.org/info/rfc8613>. | |||
[RFC8628] Denniss, W., Bradley, J., Jones, M., and H. Tschofenig, | [RFC8628] Denniss, W., Bradley, J., Jones, M., and H. Tschofenig, | |||
"OAuth 2.0 Device Authorization Grant", RFC 8628, | "OAuth 2.0 Device Authorization Grant", RFC 8628, | |||
DOI 10.17487/RFC8628, August 2019, | DOI 10.17487/RFC8628, August 2019, | |||
<https://www.rfc-editor.org/info/rfc8628>. | <https://www.rfc-editor.org/info/rfc8628>. | |||
[RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | ||||
Multiplexed and Secure Transport", RFC 9000, | ||||
DOI 10.17487/RFC9000, May 2021, | ||||
<https://www.rfc-editor.org/info/rfc9000>. | ||||
[RFC9147] Rescorla, E., Tschofenig, H., and N. Modadugu, "The | ||||
Datagram Transport Layer Security (DTLS) Protocol Version | ||||
1.3", RFC 9147, DOI 10.17487/RFC9147, March 2022, | ||||
<https://www.rfc-editor.org/info/rfc9147>. | ||||
[RFC9202] Gerdes, S., Bergmann, O., Bormann, C., Selander, G., and | ||||
L. Seitz, "Datagram Transport Layer Security (DTLS) | ||||
Profile for Authentication and Authorization for | ||||
Constrained Environments (ACE)", RFC 9202, | ||||
DOI 10.17487/RFC9202, March 2022, | ||||
<https://www.rfc-editor.org/info/rfc9202>. | ||||
[RFC9203] Palombini, F., Seitz, L., Selander, G., and M. Gunnarsson, | ||||
"The Object Security for Constrained RESTful Environments | ||||
(OSCORE) Profile of the Authentication and Authorization | ||||
for Constrained Environments (ACE) Framework", RFC 9203, | ||||
DOI 10.17487/RFC9203, March 2022, | ||||
<https://www.rfc-editor.org/info/rfc9203>. | ||||
Appendix A. Design Justification | Appendix A. Design Justification | |||
This section provides further insight into the design decisions of | This section provides further insight into the design decisions of | |||
the solution documented in this document. Section 3 lists several | the solution documented in this document. Section 3 lists several | |||
building blocks and briefly summarizes their importance. The | building blocks and briefly summarizes their importance. The | |||
justification for offering some of those building blocks, as opposed | justification for offering some of those building blocks, as opposed | |||
to using OAuth 2.0 as is, is given below. | to using OAuth 2.0 as is, is given below. | |||
Common IoT constraints are: | Common IoT constraints are: | |||
Low Power Radio: | Low Power Radio: | |||
Many IoT devices are equipped with a small battery that needs to | ||||
Many IoT devices are equipped with a small battery which needs to | ||||
last for a long time. For many constrained wireless devices, the | last for a long time. For many constrained wireless devices, the | |||
highest energy cost is associated to transmitting or receiving | highest energy cost is associated to transmitting or receiving | |||
messages (roughly by a factor of 10 compared to AES) | messages (roughly by a factor of 10 compared to AES) | |||
[Margi10impact]. It is therefore important to keep the total | [Margi10impact]. It is therefore important to keep the total | |||
communication overhead low, including minimizing the number and | communication overhead low, including minimizing the number and | |||
size of messages sent and received, which has an impact of choice | size of messages sent and received, which has an impact of choice | |||
on the message format and protocol. By using CoAP over UDP and | on the message format and protocol. By using CoAP over UDP and | |||
CBOR encoded messages, some of these aspects are addressed. | CBOR-encoded messages, some of these aspects are addressed. | |||
Security protocols contribute to the communication overhead and | Security protocols contribute to the communication overhead and | |||
can, in some cases, be optimized. For example, authentication and | can, in some cases, be optimized. For example, authentication and | |||
key establishment may, in certain cases where security | key establishment may, in certain cases where security | |||
requirements allow, be replaced by provisioning of security | requirements allow, be replaced by the provisioning of security | |||
context by a trusted third party, using transport or application- | context by a trusted third party, using transport or application- | |||
layer security. | layer security. | |||
Low CPU Speed: | Low CPU Speed: | |||
Some IoT devices are equipped with processors that are | Some IoT devices are equipped with processors that are | |||
significantly slower than those found in most current devices on | significantly slower than those found in most current devices on | |||
the Internet. This typically has implications on what timely | the Internet. This typically has implications on what timely | |||
cryptographic operations a device is capable of performing, which | cryptographic operations a device is capable of performing, which | |||
in turn impacts, e.g., protocol latency. Symmetric key | in turn impacts, e.g., protocol latency. Symmetric key | |||
cryptography may be used instead of the computationally more | cryptography may be used instead of the computationally more | |||
expensive public key cryptography where the security requirements | expensive public key cryptography where the security requirements | |||
so allow, but this may also require support for trusted-third- | so allow, but this may also require support for trusted, third- | |||
party-assisted secret key establishment using transport- or | party-assisted secret key establishment using transport- or | |||
application-layer security. | application-layer security. | |||
Small Amount of Memory: | Small Amount of Memory: | |||
Microcontrollers embedded in IoT devices are often equipped with | Microcontrollers embedded in IoT devices are often equipped with | |||
only a small amount of RAM and flash memory, which places | only a small amount of RAM and flash memory, which places | |||
limitations on what kind of processing can be performed and how | limitations on what kind of processing can be performed and how | |||
much code can be put on those devices. To reduce code size, fewer | much code can be put on those devices. To reduce code size, fewer | |||
and smaller protocol implementations can be put on the firmware of | and smaller protocol implementations can be put on the firmware of | |||
such a device. In this case, CoAP may be used instead of HTTP, | such a device. In this case, CoAP may be used instead of HTTP, | |||
symmetric-key cryptography instead of public-key cryptography, and | symmetric-key cryptography may be used instead of public-key | |||
CBOR instead of JSON. An authentication and key establishment | cryptography, and CBOR may be used instead of JSON. An | |||
protocol, e.g., the DTLS handshake, in comparison with assisted | authentication and key establishment protocol, e.g., the DTLS | |||
key establishment, also has an impact on memory and code | handshake, in comparison with assisted key establishment, also | |||
footprints. | have an impact on memory and code footprints. | |||
User Interface Limitations: | User Interface Limitations: | |||
Protecting access to resources is both an important security as | Protecting access to resources is both an important security as | |||
well as privacy feature. End users and enterprise customers may | well as privacy feature. End users and enterprise customers may | |||
not want to give access to the data collected by their IoT device | not want to give access to the data collected by their IoT device | |||
or to functions it may offer to third parties. Since the | or to functions it may offer to third parties. Since the | |||
classical approach of requesting permissions from end users via a | classical approach of requesting permissions from end users via a | |||
rich user interface does not work in many IoT deployment | rich user interface does not work in many IoT deployment | |||
scenarios, these functions need to be delegated to user-controlled | scenarios, these functions need to be delegated to user-controlled | |||
devices that are better suitable for such tasks, such as smart | devices that are better suitable for such tasks, such as | |||
phones and tablets. | smartphones and tablets. | |||
Communication Constraints: | Communication Constraints: | |||
In certain constrained settings an IoT device may not be able to | In certain constrained settings, an IoT device may not be able to | |||
communicate with a given device at all times. Devices may be | communicate with a given device at all times. Devices may be | |||
sleeping, or just disconnected from the Internet because of | sleeping or just disconnected from the Internet because of general | |||
general lack of connectivity in the area, for cost reasons, or for | lack of connectivity in the area for cost or security reasons, | |||
security reasons, e.g., to avoid an entry point for Denial-of- | e.g., to avoid an entry point for denial-of-service attacks. | |||
Service attacks. | ||||
The communication interactions this framework builds upon (as | The communication interactions this framework builds upon (as | |||
shown graphically in Figure 1) may be accomplished using a variety | shown graphically in Figure 1) may be accomplished using a variety | |||
of different protocols, and not all parts of the message flow are | of different protocols, and not all parts of the message flow are | |||
used in all applications due to the communication constraints. | used in all applications due to the communication constraints. | |||
Deployments making use of CoAP are expected, but this framework is | Deployments making use of CoAP are expected, but this framework is | |||
not limited to them. Other protocols such as HTTP, or even | not limited to them. Other protocols, such as HTTP or Bluetooth | |||
protocols such as Bluetooth Smart communication that do not | Smart communication, that do not necessarily use IP could also be | |||
necessarily use IP, could also be used. The latter raises the | used. The latter raises the need for application-layer security | |||
need for application-layer security over the various interfaces. | over the various interfaces. | |||
In the light of these constraints we have made the following design | In the light of these constraints, we have made the following design | |||
decisions: | decisions: | |||
CBOR, COSE, CWT: | CBOR, COSE, CWT: | |||
When using this framework, it is RECOMMENDED to use CBOR [RFC8949] | When using this framework, it is RECOMMENDED to use CBOR [RFC8949] | |||
as data format. Where CBOR data needs to be protected, the use of | as the data format. Where CBOR data needs to be protected, the | |||
COSE [RFC8152] is RECOMMENDED. Furthermore, where self-contained | use of COSE [RFC8152] is RECOMMENDED. Furthermore, where self- | |||
tokens are needed, it is RECOMMENDED to use of CWT [RFC8392]. | contained tokens are needed, it is RECOMMENDED to use CWT | |||
These measures aim at reducing the size of messages sent over the | [RFC8392]. These measures aim at reducing the size of messages | |||
wire, the RAM size of data objects that need to be kept in memory | sent over the wire, the RAM size of data objects that need to be | |||
and the size of libraries that devices need to support. | kept in memory, and the size of libraries that devices need to | |||
support. | ||||
CoAP: | CoAP: | |||
When using this framework, it is RECOMMENDED to use of CoAP | When using this framework, it is RECOMMENDED to use CoAP [RFC7252] | |||
[RFC7252] instead of HTTP. This does not preclude the use of | instead of HTTP. This does not preclude the use of other | |||
other protocols specifically aimed at constrained devices, like, | protocols specifically aimed at constrained devices, e.g., | |||
e.g., Bluetooth Low Energy (see Section 3.2). This aims again at | Bluetooth Low Energy (see Section 3.2). This aims again at | |||
reducing the size of messages sent over the wire, the RAM size of | reducing the size of messages sent over the wire, the RAM size of | |||
data objects that need to be kept in memory and the size of | data objects that need to be kept in memory, and the size of | |||
libraries that devices need to support. | libraries that devices need to support. | |||
Access Information: | Access Information: | |||
This framework defines the name "Access Information" for data | This framework defines the name "Access Information" for data | |||
concerning the RS that the AS returns to the client in an access | concerning the RS that the AS returns to the client in an access | |||
token response (see Section 5.8.2). This aims at enabling | token response (see Section 5.8.2). This aims at enabling | |||
scenarios where a powerful client, supporting multiple profiles, | scenarios where a powerful client supporting multiple profiles | |||
needs to interact with an RS for which it does not know the | needs to interact with an RS for which it does not know the | |||
supported profiles and the raw public key. | supported profiles and the raw public key. | |||
Proof-of-Possession: | ||||
Proof of Possession: | ||||
This framework makes use of proof-of-possession tokens, using the | This framework makes use of proof-of-possession tokens, using the | |||
"cnf" claim [RFC8747]. A request parameter "cnf" and a Response | "cnf" claim [RFC8747]. A request parameter "cnf" and a Response | |||
parameter "cnf", both having a value space semantically and | parameter "cnf", both having a value space semantically and | |||
syntactically identical to the "cnf" claim, are defined for the | syntactically identical to the "cnf" claim, are defined for the | |||
token endpoint, to allow requesting and stating confirmation keys. | token endpoint to allow requesting and stating confirmation keys. | |||
This aims at making token theft harder. Token theft is | This aims at making token theft harder. Token theft is | |||
specifically relevant in constrained use cases, as communication | specifically relevant in constrained use cases, as communication | |||
often passes through middle-boxes, which could be able to steal | often passes through middleboxes, which could be able to steal | |||
bearer tokens and use them to gain unauthorized access. | bearer tokens and use them to gain unauthorized access. | |||
Authz-Info endpoint: | Authz-Info endpoint: | |||
This framework introduces a new way of providing access tokens to | This framework introduces a new way of providing access tokens to | |||
an RS by exposing a authz-info endpoint, to which access tokens | an RS by exposing an authz-info endpoint to which access tokens | |||
can be POSTed. This aims at reducing the size of the request | can be POSTed. This aims at reducing the size of the request | |||
message and the code complexity at the RS. The size of the | message and the code complexity at the RS. The size of the | |||
request message is problematic, since many constrained protocols | request message is problematic, since many constrained protocols | |||
have severe message size limitations at the physical layer (e.g., | have severe message size limitations at the physical layer (e.g., | |||
in the order of 100 bytes). This means that larger packets get | in the order of 100 bytes). This means that larger packets get | |||
fragmented, which in turn combines badly with the high rate of | fragmented, which in turn combines badly with the high rate of | |||
packet loss, and the need to retransmit the whole message if one | packet loss and the need to retransmit the whole message if one | |||
packet gets lost. Thus separating sending of the request and | packet gets lost. Thus, separating sending of the request and | |||
sending of the access tokens helps to reduce fragmentation. | sending of the access tokens helps to reduce fragmentation. | |||
Client Credentials Grant: | Client Credentials Grant: | |||
In this framework the use of the client credentials grant is | In this framework, the use of the client credentials grant is | |||
RECOMMENDED for machine-to-machine communication use cases, where | RECOMMENDED for machine-to-machine communication use cases, where | |||
manual intervention of the resource owner to produce a grant token | manual intervention of the resource owner to produce a grant token | |||
is not feasible. The intention is that the resource owner would | is not feasible. The intention is that the resource owner would | |||
instead pre-arrange authorization with the AS, based on the | instead prearrange authorization with the AS based on the client's | |||
client's own credentials. The client can then (without manual | own credentials. The client can then (without manual | |||
intervention) obtain access tokens from the AS. | intervention) obtain access tokens from the AS. | |||
Introspection: | Introspection: | |||
In this framework the use of access token introspection is | In this framework, the use of access token introspection is | |||
RECOMMENDED in cases where the client is constrained in a way that | RECOMMENDED in cases where the client is constrained in a way that | |||
it can not easily obtain new access tokens (i.e. it has | it cannot easily obtain new access tokens (i.e., it has | |||
connectivity issues that prevent it from communicating with the | connectivity issues that prevent it from communicating with the | |||
AS). In that case it is RECOMMENDED to use a long-term token, | AS). In that case, it is RECOMMENDED to use a long-term token | |||
that could be a simple reference. The RS is assumed to be able to | that could be a simple reference. The RS is assumed to be able to | |||
communicate with the AS, and can therefore perform introspection, | communicate with the AS and can therefore perform introspection in | |||
in order to learn the claims associated with the token reference. | order to learn the claims associated with the token reference. | |||
The advantage of such an approach is that the resource owner can | The advantage of such an approach is that the resource owner can | |||
change the claims associated to the token reference without having | change the claims associated to the token reference without having | |||
to be in contact with the client, thus granting or revoking access | to be in contact with the client, thus granting or revoking access | |||
rights. | rights. | |||
Appendix B. Roles and Responsibilities | Appendix B. Roles and Responsibilities | |||
Resource Owner | Resource Owner | |||
* Make sure that the RS is registered at the AS. This includes | * Make sure that the RS is registered at the AS. This includes | |||
making known to the AS which profiles, token_type, scopes, and | making known to the AS which profiles, token_type, scopes, and | |||
skipping to change at page 70, line 7 ¶ | skipping to change at line 3277 ¶ | |||
Resource Owner | Resource Owner | |||
* Make sure that the RS is registered at the AS. This includes | * Make sure that the RS is registered at the AS. This includes | |||
making known to the AS which profiles, token_type, scopes, and | making known to the AS which profiles, token_type, scopes, and | |||
key types (symmetric/asymmetric) the RS supports. Also making | key types (symmetric/asymmetric) the RS supports. Also making | |||
it known to the AS which audience(s) the RS identifies itself | it known to the AS which audience(s) the RS identifies itself | |||
with. | with. | |||
* Make sure that clients can discover the AS that is in charge of | * Make sure that clients can discover the AS that is in charge of | |||
the RS. | the RS. | |||
* If the client-credentials grant is used, make sure that the AS | * If the client-credentials grant is used, make sure that the AS | |||
has the necessary, up-to-date, access control policies for the | has the necessary, up-to-date access control policies for the | |||
RS. | RS. | |||
Requesting Party | Requesting Party | |||
* Make sure that the client is provisioned the necessary | * Make sure that the client is provisioned the necessary | |||
credentials to authenticate to the AS. | credentials to authenticate to the AS. | |||
* Make sure that the client is configured to follow the security | * Make sure that the client is configured to follow the security | |||
requirements of the Requesting Party when issuing requests | requirements of the requesting party when issuing requests | |||
(e.g., minimum communication security requirements, trust | (e.g., minimum communication security requirements or trust | |||
anchors). | anchors). | |||
* Register the client at the AS. This includes making known to | * Register the client at the AS. This includes making known to | |||
the AS which profiles, token_types, and key types (symmetric/ | the AS which profiles, token_types, and key types (symmetric/ | |||
asymmetric) the client. | asymmetric) for the client. | |||
Authorization Server | Authorization Server | |||
* Register the RS and manage corresponding security contexts. | * Register the RS and manage corresponding security contexts. | |||
* Register clients and authentication credentials. | * Register clients and authentication credentials. | |||
* Allow Resource Owners to configure and update access control | ||||
* Allow resource owners to configure and update access control | ||||
policies related to their registered RSs. | policies related to their registered RSs. | |||
* Expose the token endpoint to allow clients to request tokens. | * Expose the token endpoint to allow clients to request tokens. | |||
* Authenticate clients that wish to request a token. | * Authenticate clients that wish to request a token. | |||
* Process a token request using the authorization policies | * Process a token request using the authorization policies | |||
configured for the RS. | configured for the RS. | |||
* Optionally: Expose the introspection endpoint that allows RS's | ||||
* Optionally, expose the introspection endpoint that allows RSs | ||||
to submit token introspection requests. | to submit token introspection requests. | |||
* If providing an introspection endpoint: Authenticate RSs that | ||||
* If providing an introspection endpoint, authenticate RSs that | ||||
wish to get an introspection response. | wish to get an introspection response. | |||
* If providing an introspection endpoint: Process token | ||||
* If providing an introspection endpoint, process token | ||||
introspection requests. | introspection requests. | |||
* Optionally: Handle token revocation. | ||||
* Optionally: Provide discovery metadata. See [RFC8414] | * Optionally, handle token revocation. | |||
* Optionally: Handle refresh tokens. | ||||
* Optionally, provide discovery metadata. See [RFC8414]. | ||||
* Optionally, handle refresh tokens. | ||||
Client | Client | |||
* Discover the AS in charge of the RS that is to be targeted with | * Discover the AS in charge of the RS that is to be targeted with | |||
a request. | a request. | |||
* Submit the token request (see step (A) of Figure 1). | * Submit the token request (see step (A) of Figure 1). | |||
- Authenticate to the AS. | - Authenticate to the AS. | |||
- Optionally (if not pre-configured): Specify which RS, which | ||||
- Optionally (if not preconfigured), specify which RS, which | ||||
resource(s), and which action(s) the request(s) will target. | resource(s), and which action(s) the request(s) will target. | |||
- If raw public keys (rpk) or certificates are used, make sure | ||||
the AS has the right rpk or certificate for this client. | - If raw public keys (RPKs) or certificates are used, make | |||
sure the AS has the right RPK or certificate for this | ||||
client. | ||||
* Process the access token and Access Information (see step (B) | * Process the access token and Access Information (see step (B) | |||
of Figure 1). | of Figure 1). | |||
- Check that the Access Information provides the necessary | - Check that the Access Information provides the necessary | |||
security parameters (e.g., PoP key, information on | security parameters (e.g., PoP key or information on | |||
communication security protocols supported by the RS). | communication security protocols supported by the RS). | |||
- Safely store the proof-of-possession key. | - Safely store the proof-of-possession key. | |||
- If provided by the AS: Safely store the refresh token. | - If provided by the AS, safely store the refresh token. | |||
* Send the token and request to the RS (see step (C) of | * Send the token and request to the RS (see step (C) of | |||
Figure 1). | Figure 1). | |||
- Authenticate towards the RS (this could coincide with the | - Authenticate towards the RS (this could coincide with the | |||
proof of possession process). | proof-of-possession process). | |||
- Transmit the token as specified by the AS (default is to the | - Transmit the token as specified by the AS (default is to the | |||
authz-info endpoint, alternative options are specified by | authz-info endpoint; alternative options are specified by | |||
profiles). | profiles). | |||
- Perform the proof-of-possession procedure as specified by | - Perform the proof-of-possession procedure as specified by | |||
the profile in use (this may already have been taken care of | the profile in use (this may already have been taken care of | |||
through the authentication procedure). | through the authentication procedure). | |||
* Process the RS response (see step (F) of Figure 1) of the RS. | * Process the RS response (see step (F) of Figure 1) of the RS. | |||
Resource Server | Resource Server | |||
* Expose a way to submit access tokens. By default this is the | * Expose a way to submit access tokens. By default, this is the | |||
authz-info endpoint. | authz-info endpoint. | |||
* Process an access token. | * Process an access token. | |||
- Verify the token is from a recognized AS. | - Verify the token is from a recognized AS. | |||
- Check the token's integrity. | - Check the token's integrity. | |||
- Verify that the token applies to this RS. | - Verify that the token applies to this RS. | |||
- Check that the token has not expired (if the token provides | - Check that the token has not expired (if the token provides | |||
expiration information). | expiration information). | |||
- Store the token so that it can be retrieved in the context | - Store the token so that it can be retrieved in the context | |||
of a matching request. | of a matching request. | |||
Note: The order proposed here is not normative, any process | ||||
Note: The order proposed here is not normative; any process | ||||
that arrives at an equivalent result can be used. A noteworthy | that arrives at an equivalent result can be used. A noteworthy | |||
consideration is whether one can use cheap operations early on | consideration is whether one can use cheap operations early on | |||
to quickly discard non-applicable or invalid tokens, before | to quickly discard nonapplicable or invalid tokens before | |||
performing expensive cryptographic operations (e.g. doing an | performing expensive cryptographic operations (e.g., doing an | |||
expiration check before verifying a signature). | expiration check before verifying a signature). | |||
* Process a request. | * Process a request. | |||
- Set up communication security with the client. | - Set up communication security with the client. | |||
- Authenticate the client. | - Authenticate the client. | |||
- Match the client against existing tokens. | - Match the client against existing tokens. | |||
- Check that tokens belonging to the client actually authorize | - Check that tokens belonging to the client actually authorize | |||
the requested action. | the requested action. | |||
- Optionally: Check that the matching tokens are still valid, | ||||
- Optionally, check that the matching tokens are still valid, | ||||
using introspection (if this is possible.) | using introspection (if this is possible.) | |||
* Send a response following the agreed upon communication | * Send a response following the agreed upon communication | |||
security mechanism(s). | security mechanism(s). | |||
* Safely store credentials such as raw public keys for | ||||
* Safely store credentials, such as raw public keys, for | ||||
authentication or proof-of-possession keys linked to access | authentication or proof-of-possession keys linked to access | |||
tokens. | tokens. | |||
Appendix C. Requirements on Profiles | Appendix C. Requirements on Profiles | |||
This section lists the requirements on profiles of this framework, | This section lists the requirements on profiles of this framework for | |||
for the convenience of profile designers. | the convenience of profile designers. | |||
* Optionally, define new methods for the client to discover the | ||||
necessary permissions and AS for accessing a resource different | ||||
from the one proposed in Sections 5.1 and 4 | ||||
* Optionally, specify new grant types (Section 5.4). | ||||
* Optionally, define the use of client certificates as client | ||||
credential type (Section 5.5). | ||||
* Specify the communication protocol the client and RS must use | ||||
(e.g., CoAP) (Sections 5 and 5.8.4.3). | ||||
* Optionally define new methods for the client to discover the | ||||
necessary permissions and AS for accessing a resource, different | ||||
from the one proposed in Section 5.1. Section 4 | ||||
* Optionally specify new grant types. Section 5.4 | ||||
* Optionally define the use of client certificates as client | ||||
credential type. Section 5.5 | ||||
* Specify the communication protocol the client and RS the must use | ||||
(e.g., CoAP). Section 5 and Section 5.8.4.3 | ||||
* Specify the security protocol the client and RS must use to | * Specify the security protocol the client and RS must use to | |||
protect their communication (e.g., OSCORE or DTLS). This must | protect their communication (e.g., OSCORE or DTLS). This must | |||
provide encryption, integrity and replay protection. | provide encryption and integrity and replay protection | |||
Section 5.8.4.3 | (Section 5.8.4.3). | |||
* Specify how the client and the RS mutually authenticate. | ||||
Section 4 | * Specify how the client and the RS mutually authenticate | |||
* Specify the proof-of-possession protocol(s) and how to select one, | (Section 4). | |||
* Specify the proof-of-possession protocol(s) and how to select one | ||||
if several are available. Also specify which key types (e.g., | if several are available. Also specify which key types (e.g., | |||
symmetric/asymmetric) are supported by a specific proof-of- | symmetric/asymmetric) are supported by a specific proof-of- | |||
possession protocol. Section 5.8.4.2 | possession protocol (Section 5.8.4.2). | |||
* Specify a unique ace_profile identifier. Section 5.8.4.3 | ||||
* If introspection is supported: Specify the communication and | * Specify a unique ace_profile identifier (Section 5.8.4.3). | |||
security protocol for introspection. Section 5.9 | ||||
* If introspection is supported, specify the communication and | ||||
security protocol for introspection (Section 5.9). | ||||
* Specify the communication and security protocol for interactions | * Specify the communication and security protocol for interactions | |||
between client and AS. This must provide encryption, integrity | between the client and AS. This must provide encryption, | |||
protection, replay protection and a binding between requests and | integrity protection, replay protection, and a binding between | |||
responses. Section 5 and Section 5.8 | requests and responses (Sections 5 and 5.8). | |||
* Specify how/if the authz-info endpoint is protected, including how | * Specify how/if the authz-info endpoint is protected, including how | |||
error responses are protected. Section 5.10.1 | error responses are protected (Section 5.10.1). | |||
* Optionally define other methods of token transport than the authz- | ||||
info endpoint. Section 5.10.1 | ||||
Appendix D. Assumptions on AS Knowledge about C and RS | * Optionally, define other methods of token transport than the | |||
authz-info endpoint (Section 5.10.1). | ||||
Appendix D. Assumptions on AS Knowledge about the C and RS | ||||
This section lists the assumptions on what an AS should know about a | This section lists the assumptions on what an AS should know about a | |||
client and an RS in order to be able to respond to requests to the | client and an RS in order to be able to respond to requests to the | |||
token and introspection endpoints. How this information is | token and introspection endpoints. How this information is | |||
established is out of scope for this document. | established is out of scope for this document. | |||
* The identifier of the client or RS. | * The identifier of the client or RS. | |||
* The profiles that the client or RS supports. | * The profiles that the client or RS supports. | |||
* The scopes that the RS supports. | * The scopes that the RS supports. | |||
* The audiences that the RS identifies with. | * The audiences that the RS identifies with. | |||
* The key types (e.g., pre-shared symmetric key, raw public key, key | * The key types (e.g., pre-shared symmetric key, raw public key, key | |||
length, other key parameters) that the client or RS supports. | length, and other key parameters) that the client or RS supports. | |||
* The types of access tokens the RS supports (e.g., CWT). | * The types of access tokens the RS supports (e.g., CWT). | |||
* If the RS supports CWTs, the COSE parameters for the crypto | * If the RS supports CWTs, the COSE parameters for the crypto | |||
wrapper (e.g., algorithm, key-wrap algorithm, key-length) that the | wrapper (e.g., algorithm, key-wrap algorithm, and key-length) that | |||
RS supports. | the RS supports. | |||
* The expiration time for access tokens issued to this RS (unless | * The expiration time for access tokens issued to this RS (unless | |||
the RS accepts a default time chosen by the AS). | the RS accepts a default time chosen by the AS). | |||
* The symmetric key shared between client and AS (if any). | ||||
* The symmetric key shared between RS and AS (if any). | * The symmetric key shared between the client and AS (if any). | |||
* The symmetric key shared between the RS and AS (if any). | ||||
* The raw public key of the client or RS (if any). | * The raw public key of the client or RS (if any). | |||
* Whether the RS has synchronized time (and thus is able to use the | * Whether the RS has synchronized time (and thus is able to use the | |||
'exp' claim) or not. | 'exp' claim) or not. | |||
Appendix E. Differences to OAuth 2.0 | Appendix E. Differences to OAuth 2.0 | |||
This document adapts OAuth 2.0 to be suitable for constrained | This document adapts OAuth 2.0 to be suitable for constrained | |||
environments. This sections lists the main differences from the | environments. This section lists the main differences from the | |||
normative requirements of OAuth 2.0. | normative requirements of OAuth 2.0. | |||
* Use of TLS -- OAuth 2.0 requires the use of TLS both to protect | Use of TLS | |||
the communication between AS and client when requesting an access | OAuth 2.0 requires the use of TLS to protect the communication | |||
token; between client and RS when accessing a resource and between | between the AS and client when requesting an access token, between | |||
AS and RS if introspection is used. This framework requires | the client and RS when accessing a resource, and between the AS | |||
similar security properties, but does not require that they be | and RS if introspection is used. This framework requires similar | |||
realized with TLS. See Section 5. | security properties but does not require that they be realized | |||
* Cardinality of "grant_type" parameter -- In client-to-AS requests | with TLS. See Section 5. | |||
using OAuth 2.0, the "grant_type" parameter is required (per | ||||
[RFC6749]). In this framework, this parameter is optional. See | Cardinality of "grant_type" parameter | |||
Section 5.8.1. | In client-to-AS requests using OAuth 2.0, the "grant_type" | |||
* Encoding of "scope" parameter -- In client-to-AS requests using | parameter is required (per [RFC6749]). In this framework, this | |||
OAuth 2.0, the "scope" parameter is string encoded (per | parameter is optional. See Section 5.8.1. | |||
[RFC6749]). In this framework, this parameter may also be encoded | ||||
as a byte string. See Section 5.8.1. | Encoding of "scope" parameter | |||
* Cardinality of "token_type" parameter -- in AS-to-client responses | In client-to-AS requests using OAuth 2.0, the "scope" parameter is | |||
using OAuth 2.0, the token_type parameter is required (per | string encoded (per [RFC6749]). In this framework, this parameter | |||
[RFC6749]). In this framework, this parameter is optional. See | may also be encoded as a byte string. See Section 5.8.1. | |||
Section 5.8.2. | ||||
* Access token retention -- in OAuth 2.0, the access token may be | Cardinality of "token_type" parameter | |||
sent with every request to the RS. The exact use of access tokens | In AS-to-client responses using OAuth 2.0, the token_type | |||
depends on the semantics of the application and the session | parameter is required (per [RFC6749]). In this framework, this | |||
management concept it uses. In this framework, the RS must be | parameter is optional. See Section 5.8.2. | |||
able to store these tokens for later use. See Section 5.10.1. | ||||
Access token retention | ||||
In OAuth 2.0, the access token may be sent with every request to | ||||
the RS. The exact use of access tokens depends on the semantics | ||||
of the application and the session management concept it uses. In | ||||
this framework, the RS must be able to store these tokens for | ||||
later use. See Section 5.10.1. | ||||
Appendix F. Deployment Examples | Appendix F. Deployment Examples | |||
There is a large variety of IoT deployments, as is indicated in | There is a large variety of IoT deployments, as is indicated in | |||
Appendix A, and this section highlights a few common variants. This | Appendix A, and this section highlights a few common variants. This | |||
section is not normative but illustrates how the framework can be | section is not normative but illustrates how the framework can be | |||
applied. | applied. | |||
For each of the deployment variants, there are a number of possible | For each of the deployment variants, there are a number of possible | |||
security setups between clients, resource servers and authorization | security setups between clients, resource servers, and authorization | |||
servers. The main focus in the following subsections is on how | servers. The main focus in the following subsections is on how | |||
authorization of a client request for a resource hosted by an RS is | authorization of a client request for a resource hosted by an RS is | |||
performed. This requires the security of the requests and responses | performed. This requires the security of the requests and responses | |||
between the clients and the RS to be considered. | between the clients and the RS to be considered. | |||
Note: CBOR diagnostic notation is used for examples of requests and | Note: CBOR diagnostic notation is used for examples of requests and | |||
responses. | responses. | |||
F.1. Local Token Validation | F.1. Local Token Validation | |||
In this scenario, the case where the resource server is offline is | In this scenario, the case where the resource server is offline is | |||
considered, i.e., it is not connected to the AS at the time of the | considered, i.e., it is not connected to the AS at the time of the | |||
access request. This access procedure involves steps A, B, C, and F | access request. This access procedure involves steps (A), (B), (C), | |||
of Figure 1. | and (F) of Figure 1. | |||
Since the resource server must be able to verify the access token | Since the resource server must be able to verify the access token | |||
locally, self-contained access tokens must be used. | locally, self-contained access tokens must be used. | |||
This example shows the interactions between a client, the | This example shows the interactions between a client, the | |||
authorization server and a temperature sensor acting as a resource | authorization server, and a temperature sensor acting as a resource | |||
server. Message exchanges A and B are shown in Figure 17. | server. Message exchanges A and B are shown in Figure 11. | |||
A: The client first generates a public-private key pair used for | A: The client first generates a public-private key pair used for | |||
communication security with the RS. | communication security with the RS. | |||
The client sends a CoAP POST request to the token endpoint at the | ||||
AS. The security of this request can be transport or application | The client sends a CoAP POST request to the token endpoint at the | |||
layer. It is up the communication security profile to define. In | AS. The security of this request can be transport or application | |||
the example it is assumed that both client and AS have performed | layer. It is up the communication security profile to define. | |||
mutual authentication e.g. via DTLS. The request contains the | In the example, it is assumed that both the client and AS have | |||
public key of the client and the Audience parameter set to | performed mutual authentication, e.g., via DTLS. The request | |||
"tempSensorInLivingRoom", a value that the temperature sensor | contains the public key of the client and the audience parameter | |||
identifies itself with. The AS evaluates the request and | set to "tempSensorInLivingRoom", a value that the temperature | |||
authorizes the client to access the resource. | sensor identifies itself with. The AS evaluates the request and | |||
B: The AS responds with a 2.05 Content response containing the | authorizes the client to access the resource. | |||
Access Information, including the access token. The PoP access | ||||
token contains the public key of the client, and the Access | B: The AS responds with a 2.05 (Content) response containing the | |||
Information contains the public key of the RS. For communication | Access Information, including the access token. The PoP access | |||
security this example uses DTLS RawPublicKey between the client | token contains the public key of the client, and the Access | |||
and the RS. The issued token will have a short validity time, | Information contains the public key of the RS. For communication | |||
i.e., "exp" close to "iat", in order to mitigate attacks using | security, this example uses DTLS RawPublicKey between the client | |||
stolen client credentials. The token includes the claim such as | and the RS. The issued token will have a short validity time, | |||
"scope" with the authorized access that an owner of the | i.e., "exp" close to "iat", in order to mitigate attacks using | |||
temperature device can enjoy. In this example, the "scope" claim, | stolen client credentials. The token includes claims, such as | |||
issued by the AS, informs the RS that the owner of the token, that | "scope", with the authorized access that an owner of the | |||
can prove the possession of a key is authorized to make a GET | temperature device can enjoy. In this example, the "scope" claim | |||
request against the /temperature resource and a POST request on | issued by the AS informs the RS that the owner of the token that | |||
the /firmware resource. Note that the syntax and semantics of the | can prove the possession of a key is authorized to make a GET | |||
scope claim are application specific. | request against the /temperature resource and a POST request on | |||
Note: In this example it is assumed that the client knows what | the /firmware resource. Note that the syntax and semantics of | |||
resource it wants to access, and is therefore able to request | the scope claim are application specific. | |||
specific audience and scope claims for the access token. | ||||
Note: In this example, it is assumed that the client knows what | ||||
resource it wants to access and is therefore able to request | ||||
specific audience and scope claims for the access token. | ||||
Authorization | Authorization | |||
Client Server | Client Server | |||
| | | | | | |||
|<=======>| DTLS Connection Establishment | |<=======>| DTLS Connection Establishment | |||
| | and mutual authentication | | | and mutual authentication | |||
| | | | | | |||
A: +-------->| Header: POST (Code=0.02) | A: +-------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path:"token" | | POST | Uri-Path:"token" | |||
| | Content-Format: application/ace+cbor | | | Content-Format: application/ace+cbor | |||
| | Payload: <Request-Payload> | | | Payload: <Request-Payload> | |||
| | | | | | |||
B: |<--------+ Header: 2.05 Content | B: |<--------+ Header: 2.05 Content | |||
| 2.05 | Content-Format: application/ace+cbor | | 2.05 | Content-Format: application/ace+cbor | |||
| | Payload: <Response-Payload> | | | Payload: <Response-Payload> | |||
| | | | | | |||
Figure 17: Token Request and Response Using Client Credentials. | Figure 11: Token Request and Response Using Client Credentials | |||
The information contained in the Request-Payload and the Response- | The information contained in the Request-Payload and the Response- | |||
Payload is shown in Figure 18 Note that the parameter "rs_cnf" from | Payload is shown in Figure 12. Note that the parameter "rs_cnf" from | |||
[I-D.ietf-ace-oauth-params] is used to inform the client about the | [RFC9201] is used to inform the client about the resource server's | |||
resource server's public key. | public key. | |||
Request-Payload : | Request-Payload : | |||
{ | { | |||
"audience" : "tempSensorInLivingRoom", | "audience" : "tempSensorInLivingRoom", | |||
"client_id" : "myclient", | "client_id" : "myclient", | |||
"req_cnf" : { | "req_cnf" : { | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kid" : b64'1Bg8vub9tLe1gHMzV76e8', | "kid" : b64'1Bg8vub9tLe1gHMzV76e8', | |||
"kty" : "EC", | "kty" : "EC", | |||
"crv" : "P-256", | "crv" : "P-256", | |||
skipping to change at page 76, line 34 ¶ | skipping to change at line 3647 ¶ | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kid" : b64'c29tZSBwdWJsaWMga2V5IGlk', | "kid" : b64'c29tZSBwdWJsaWMga2V5IGlk', | |||
"kty" : "EC", | "kty" : "EC", | |||
"crv" : "P-256", | "crv" : "P-256", | |||
"x" : b64'MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4', | "x" : b64'MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4', | |||
"y" : b64'4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM' | "y" : b64'4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 18: Request and Response Payload Details. | Figure 12: Request and Response Payload Details | |||
The content of the access token is shown in Figure 19. | The content of the access token is shown in Figure 13. | |||
{ | { | |||
"aud" : "tempSensorInLivingRoom", | "aud" : "tempSensorInLivingRoom", | |||
"iat" : "1563451500", | "iat" : "1563451500", | |||
"exp" : "1563453000", | "exp" : "1563453000", | |||
"scope" : "temperature_g firmware_p", | "scope" : "temperature_g firmware_p", | |||
"cnf" : { | "cnf" : { | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kid" : b64'1Bg8vub9tLe1gHMzV76e8', | "kid" : b64'1Bg8vub9tLe1gHMzV76e8', | |||
"kty" : "EC", | "kty" : "EC", | |||
"crv" : "P-256", | "crv" : "P-256", | |||
"x" : b64'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU', | "x" : b64'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU', | |||
"y" : b64'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0' | "y" : b64'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 19: Access Token including Public Key of the client. | ||||
Messages C and F are shown in Figure 20 - Figure 21. | Figure 13: Access Token Including Public Key of the Client | |||
C: The client then sends the PoP access token to the authz-info | Messages C and F are shown in Figures 14 and 15. | |||
endpoint at the RS. This is a plain CoAP POST request, i.e., no | ||||
transport or application-layer security is used between client and | ||||
RS since the token is integrity protected between the AS and RS. | ||||
The RS verifies that the PoP access token was created by a known | ||||
and trusted AS, that it applies to this RS, and that it is valid. | ||||
The RS caches the security context together with authorization | ||||
information about this client contained in the PoP access token. | ||||
Resource | C: The client then sends the PoP access token to the authz-info | |||
Client Server | endpoint at the RS. This is a plain CoAP POST request, i.e., no | |||
| | | transport or application-layer security is used between the | |||
C: +-------->| Header: POST (Code=0.02) | client and RS since the token is integrity protected between the | |||
| POST | Uri-Path:"authz-info" | AS and RS. The RS verifies that the PoP access token was created | |||
| | Payload: 0INDoQEKoQVN ... | by a known and trusted AS, which it applies to this RS, and that | |||
| | | it is valid. The RS caches the security context together with | |||
|<--------+ Header: 2.04 Changed | authorization information about this client contained in the PoP | |||
| 2.04 | | access token. | |||
| | | ||||
Figure 20: Access Token provisioning to RS | Resource | |||
The client and the RS runs the DTLS handshake using the raw public | Client Server | |||
keys established in step B and C. | | | | |||
The client sends a CoAP GET request to /temperature on RS over | C: +-------->| Header: POST (Code=0.02) | |||
DTLS. The RS verifies that the request is authorized, based on | | POST | Uri-Path:"authz-info" | |||
previously established security context. | | | Payload: 0INDoQEKoQVN ... | |||
F: The RS responds over the same DTLS channel with a CoAP 2.05 | | | | |||
Content response, containing a resource representation as payload. | |<--------+ Header: 2.04 Changed | |||
| 2.04 | | ||||
| | | ||||
Figure 14: Access Token Provisioning to the RS | ||||
The client and the RS runs the DTLS handshake using the raw public | ||||
keys established in steps B and C. | ||||
The client sends a CoAP GET request to /temperature on the RS over | ||||
DTLS. The RS verifies that the request is authorized based on | ||||
previously established security context. | ||||
F: The RS responds over the same DTLS channel with a CoAP 2.05 | ||||
Content response containing a resource representation as payload. | ||||
Resource | Resource | |||
Client Server | Client Server | |||
| | | | | | |||
|<=======>| DTLS Connection Establishment | |<=======>| DTLS Connection Establishment | |||
| | using Raw Public Keys | | | using Raw Public Keys | |||
| | | | | | |||
+-------->| Header: GET (Code=0.01) | +-------->| Header: GET (Code=0.01) | |||
| GET | Uri-Path: "temperature" | | GET | Uri-Path: "temperature" | |||
| | | | | | |||
| | | | | | |||
| | | | | | |||
F: |<--------+ Header: 2.05 Content | F: |<--------+ Header: 2.05 Content | |||
| 2.05 | Payload: <sensor value> | | 2.05 | Payload: <sensor value> | |||
| | | | | | |||
Figure 21: Resource Request and Response protected by DTLS. | ||||
Figure 15: Resource Request and Response Protected by DTLS | ||||
F.2. Introspection Aided Token Validation | F.2. Introspection Aided Token Validation | |||
In this deployment scenario it is assumed that a client is not able | In this deployment scenario, it is assumed that a client is not able | |||
to access the AS at the time of the access request, whereas the RS is | to access the AS at the time of the access request, whereas the RS is | |||
assumed to be connected to the back-end infrastructure. Thus the RS | assumed to be connected to the back-end infrastructure. Thus, the RS | |||
can make use of token introspection. This access procedure involves | can make use of token introspection. This access procedure involves | |||
steps A-F of Figure 1, but assumes steps A and B have been carried | steps (A)-(F) of Figure 1 but assumes steps (A) and (B) have been | |||
out during a phase when the client had connectivity to AS. | carried out during a phase when the client had connectivity to the | |||
AS. | ||||
Since the client is assumed to be offline, at least for a certain | Since the client is assumed to be offline, at least for a certain | |||
period of time, a pre-provisioned access token has to be long-lived. | period of time, a preprovisioned access token has to be long lived. | |||
Since the client is constrained, the token will not be self contained | Since the client is constrained, the token will not be self-contained | |||
(i.e. not a CWT) but instead just a reference. The resource server | (i.e., not a CWT) but instead just a reference. The resource server | |||
uses its connectivity to learn about the claims associated to the | uses its connectivity to learn about the claims associated to the | |||
access token by using introspection, which is shown in the example | access token by using introspection, which is shown in the example | |||
below. | below. | |||
In the example interactions between an offline client (key fob), an | In the example, interactions between an offline client (key fob), an | |||
RS (online lock), and an AS is shown. It is assumed that there is a | RS (online lock), and an AS is shown. It is assumed that there is a | |||
provisioning step where the client has access to the AS. This | provisioning step where the client has access to the AS. This | |||
corresponds to message exchanges A and B which are shown in | corresponds to message exchanges A and B, which are shown in | |||
Figure 22. | Figure 16. | |||
Authorization consent from the resource owner can be pre-configured, | Authorization consent from the resource owner can be preconfigured, | |||
but it can also be provided via an interactive flow with the resource | but it can also be provided via an interactive flow with the resource | |||
owner. An example of this for the key fob case could be that the | owner. An example of this for the key fob case could be that the | |||
resource owner has a connected car, he buys a generic key that he | resource owner has a connected car that he buys a generic key for and | |||
wants to use with the car. To authorize the key fob he connects it | wants to use with the car. To authorize the key fob, he connects it | |||
to his computer that then provides the UI for the device. After that | to his computer that then provides the UI for the device. After | |||
OAuth 2.0 implicit flow can used to authorize the key for his car at | that, OAuth 2.0 implicit flow can be used to authorize the key for | |||
the car manufacturers AS. | his car at the car manufacturers AS. | |||
Note: In this example the client does not know the exact door it will | Note: In this example, the client does not know the exact door it | |||
be used to access since the token request is not send at the time of | will be used to access since the token request is not sent at the | |||
access. So the scope and audience parameters are set quite wide to | time of access. So the scope and audience parameters are set quite | |||
start with, while tailored values narrowing down the claims to the | wide to start with, while tailored values narrowing down the claims | |||
specific RS being accessed can be provided to that RS during an | to the specific RS being accessed can be provided to that RS during | |||
introspection step. | an introspection step. | |||
A: The client sends a CoAP POST request to the token endpoint at | A: The client sends a CoAP POST request to the token endpoint at the | |||
AS. The request contains the Audience parameter set to "PACS1337" | AS. The request contains the audience parameter set to | |||
(PACS, Physical Access System), a value the that identifies the | "PACS1337" (Physical Access System (PACS)), a value that | |||
physical access control system to which the individual doors are | identifies the physical access control system to which the | |||
connected. The AS generates an access token as an opaque string, | individual doors are connected. The AS generates an access token | |||
which it can match to the specific client and the targeted | as an opaque string, which it can match to the specific client | |||
audience. It furthermore generates a symmetric proof-of- | and the targeted audience. It furthermore generates a symmetric | |||
possession key. The communication security and authentication | proof-of-possession key. The communication security and | |||
between client and AS is assumed to have been provided at | authentication between the client and AS is assumed to have been | |||
transport layer (e.g. via DTLS) using a pre-shared security | provided at the transport layer (e.g., via DTLS) using a pre- | |||
context (psk, rpk or certificate). | shared security context (pre-shared key (PSK), RPK, or | |||
B: The AS responds with a CoAP 2.05 Content response, containing | certificate). | |||
as payload the Access Information, including the access token and | ||||
the symmetric proof-of-possession key. Communication security | ||||
between C and RS will be DTLS and PreSharedKey. The PoP key is | ||||
used as the PreSharedKey. | ||||
Note: In this example we are using a symmetric key for a multi-RS | B: The AS responds with a CoAP 2.05 Content response, containing as | |||
payload the Access Information, including the access token and | ||||
the symmetric proof-of-possession key. Communication security | ||||
between the C and RS will be DTLS and PreSharedKey. The PoP key | ||||
is used as the PreSharedKey. | ||||
Note: In this example, we are using a symmetric key for a multi-RS | ||||
audience, which is not recommended normally (see Section 6.9). | audience, which is not recommended normally (see Section 6.9). | |||
However in this case the risk is deemed to be acceptable, since all | However, in this case, the risk is deemed to be acceptable, since all | |||
the doors are part of the same physical access control system, and | the doors are part of the same physical access control system; | |||
therefore the risk of a malicious RS impersonating the client towards | therefore, the risk of a malicious RS impersonating the client | |||
another RS is low. | towards another RS is low. | |||
Authorization | Authorization | |||
Client Server | Client Server | |||
| | | | | | |||
|<=======>| DTLS Connection Establishment | |<=======>| DTLS Connection Establishment | |||
| | and mutual authentication | | | and mutual authentication | |||
| | | | | | |||
A: +-------->| Header: POST (Code=0.02) | A: +-------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path:"token" | | POST | Uri-Path:"token" | |||
| | Content-Format: application/ace+cbor | | | Content-Format: application/ace+cbor | |||
| | Payload: <Request-Payload> | | | Payload: <Request-Payload> | |||
| | | | | | |||
B: |<--------+ Header: 2.05 Content | B: |<--------+ Header: 2.05 Content | |||
| | Content-Format: application/ace+cbor | | | Content-Format: application/ace+cbor | |||
| 2.05 | Payload: <Response-Payload> | | 2.05 | Payload: <Response-Payload> | |||
| | | | | | |||
Figure 22: Token Request and Response using Client Credentials. | Figure 16: Token Request and Response Using Client Credentials | |||
The information contained in the Request-Payload and the Response- | The information contained in the Request-Payload and the Response- | |||
Payload is shown in Figure 23. | Payload is shown in Figure 17. | |||
Request-Payload: | Request-Payload: | |||
{ | { | |||
"client_id" : "keyfob", | "client_id" : "keyfob", | |||
"audience" : "PACS1337" | "audience" : "PACS1337" | |||
} | } | |||
Response-Payload: | Response-Payload: | |||
{ | { | |||
"access_token" : b64'VGVzdCB0b2tlbg==', | "access_token" : b64'VGVzdCB0b2tlbg==', | |||
"cnf" : { | "cnf" : { | |||
"COSE_Key" : { | "COSE_Key" : { | |||
"kid" : b64'c29tZSBwdWJsaWMga2V5IGlk', | "kid" : b64'c29tZSBwdWJsaWMga2V5IGlk', | |||
"kty" : "oct", | "kty" : "oct", | |||
"alg" : "HS256", | "alg" : "HS256", | |||
"k": b64'ZoRSOrFzN_FzUA5XKMYoVHyzff5oRJxl-IXRtztJ6uE' | "k": b64'ZoRSOrFzN_FzUA5XKMYoVHyzff5oRJxl-IXRtztJ6uE' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 23: Request and Response Payload for C offline | Figure 17: Request and Response Payload for the C Offline | |||
The access token in this case is just an opaque byte string | In this case, the access token is just an opaque byte string | |||
referencing the authorization information at the AS. | referencing the authorization information at the AS. | |||
C: Next, the client POSTs the access token to the authz-info | C: Next, the client POSTs the access token to the authz-info | |||
endpoint in the RS. This is a plain CoAP request, i.e., no DTLS | endpoint in the RS. This is a plain CoAP request, i.e., no DTLS | |||
between client and RS. Since the token is an opaque string, the | between the client and RS. Since the token is an opaque string, | |||
RS cannot verify it on its own, and thus defers to respond the | the RS cannot verify it on its own, and thus defers to respond to | |||
client with a status code until after step E. | the client with a status code until after step E. | |||
D: The RS sends the token to the introspection endpoint on the AS | D: The RS sends the token to the introspection endpoint on the AS | |||
using a CoAP POST request. In this example RS and AS are assumed | using a CoAP POST request. In this example, the RS and AS are | |||
to have performed mutual authentication using a pre shared | assumed to have performed mutual authentication using a pre- | |||
security context (psk, rpk or certificate) with the RS acting as | shared security context (PSK, RPK, or certificate) with the RS | |||
DTLS client. | acting as the DTLS client. | |||
E: The AS provides the introspection response (2.05 Content) | E: The AS provides the introspection response (2.05 Content) | |||
containing parameters about the token. This includes the | containing parameters about the token. This includes the | |||
confirmation key (cnf) parameter that allows the RS to verify the | confirmation key (cnf) parameter that allows the RS to verify the | |||
client's proof of possession in step F. Note that our example in | client's proof of possession in step F. Note that our example in | |||
Figure 25 assumes a pre-established key (e.g. one used by the | Figure 19 assumes a preestablished key (e.g., one used by the | |||
client and the RS for a previous token) that is now only | client and the RS for a previous token) that is now only | |||
referenced by its key-identifier 'kid'. | referenced by its key identifier 'kid'. | |||
After receiving message E, the RS responds to the client's POST in | ||||
step C with the CoAP response code 2.01 (Created). | ||||
Resource | After receiving message E, the RS responds to the client's POST | |||
Client Server | in step C with the CoAP response code 2.01 (Created). | |||
| | | ||||
C: +-------->| Header: POST (T=CON, Code=0.02) | ||||
| POST | Uri-Path:"authz-info" | ||||
| | Payload: b64'VGVzdCB0b2tlbg==' | ||||
| | | ||||
| | Authorization | ||||
| | Server | ||||
| | | | ||||
| D: +--------->| Header: POST (Code=0.02) | ||||
| | POST | Uri-Path: "introspect" | ||||
| | | Content-Format: "application/ace+cbor" | ||||
| | | Payload: <Request-Payload> | ||||
| | | | ||||
| E: |<---------+ Header: 2.05 Content | ||||
| | 2.05 | Content-Format: "application/ace+cbor" | ||||
| | | Payload: <Response-Payload> | ||||
| | | | ||||
| | | ||||
|<--------+ Header: 2.01 Created | ||||
| 2.01 | | ||||
| | | ||||
Figure 24: Token Introspection for C offline | Resource | |||
The information contained in the Request-Payload and the Response- | Client Server | |||
Payload is shown in Figure 25. | | | | |||
Request-Payload: | C: +-------->| Header: POST (T=CON, Code=0.02) | |||
{ | | POST | Uri-Path:"authz-info" | |||
"token" : b64'VGVzdCB0b2tlbg==', | | | Payload: b64'VGVzdCB0b2tlbg==' | |||
"client_id" : "FrontDoor", | | | | |||
} | | | Authorization | |||
| | Server | ||||
| | | | ||||
| D: +--------->| Header: POST (Code=0.02) | ||||
| | POST | Uri-Path: "introspect" | ||||
| | | Content-Format: "application/ace+cbor" | ||||
| | | Payload: <Request-Payload> | ||||
| | | | ||||
| E: |<---------+ Header: 2.05 Content | ||||
| | 2.05 | Content-Format: "application/ace+cbor" | ||||
| | | Payload: <Response-Payload> | ||||
| | | | ||||
| | | ||||
|<--------+ Header: 2.01 Created | ||||
| 2.01 | | ||||
| | | ||||
Response-Payload: | Figure 18: Token Introspection for the C Offline | |||
{ | ||||
"active" : true, | ||||
"aud" : "lockOfDoor4711", | ||||
"scope" : "open, close", | ||||
"iat" : 1563454000, | ||||
"cnf" : { | ||||
"kid" : b64'c29tZSBwdWJsaWMga2V5IGlk' | ||||
} | ||||
} | ||||
Figure 25: Request and Response Payload for Introspection | The information contained in the Request-Payload and the Response- | |||
Payload is shown in Figure 19. | ||||
The client uses the symmetric PoP key to establish a DTLS | Request-Payload: | |||
PreSharedKey secure connection to the RS. The CoAP request PUT is | { | |||
sent to the uri-path /state on the RS, changing the state of the | "token" : b64'VGVzdCB0b2tlbg==', | |||
door to locked. | "client_id" : "FrontDoor", | |||
F: The RS responds with a appropriate over the secure DTLS | } | |||
channel. | ||||
Response-Payload: | ||||
{ | ||||
"active" : true, | ||||
"aud" : "lockOfDoor4711", | ||||
"scope" : "open, close", | ||||
"iat" : 1563454000, | ||||
"cnf" : { | ||||
"kid" : b64'c29tZSBwdWJsaWMga2V5IGlk' | ||||
} | ||||
} | ||||
Figure 19: Request and Response Payload for Introspection | ||||
The client uses the symmetric PoP key to establish a DTLS | ||||
PreSharedKey secure connection to the RS. The CoAP request PUT is | ||||
sent to the uri-path /state on the RS, changing the state of the door | ||||
to locked. | ||||
F: The RS responds with an appropriate over the secure DTLS channel. | ||||
Resource | Resource | |||
Client Server | Client Server | |||
| | | | | | |||
|<=======>| DTLS Connection Establishment | |<=======>| DTLS Connection Establishment | |||
| | using Pre Shared Key | | | using Pre Shared Key | |||
| | | | | | |||
+-------->| Header: PUT (Code=0.03) | +-------->| Header: PUT (Code=0.03) | |||
| PUT | Uri-Path: "state" | | PUT | Uri-Path: "state" | |||
| | Payload: <new state for the lock> | | | Payload: <new state for the lock> | |||
| | | | | | |||
F: |<--------+ Header: 2.04 Changed | F: |<--------+ Header: 2.04 Changed | |||
| 2.04 | Payload: <new state for the lock> | | 2.04 | Payload: <new state for the lock> | |||
| | | | | | |||
Figure 26: Resource request and response protected by OSCORE | Figure 20: Resource Request and Response Protected by OSCORE | |||
Acknowledgments | ||||
This document is a product of the ACE Working Group of the IETF. | ||||
Thanks to Eve Maler for her contributions to the use of OAuth 2.0 and | ||||
Unlicensed Mobile Access (UMA) in IoT scenarios, Robert Taylor for | ||||
his discussion input, and Malisa Vucinic for his input on the | ||||
predecessors of this proposal. | ||||
Thanks to the authors of "[POP-KEY-DIST]OAuth 2.0 | ||||
Proof-of-Possession: Authorization Server to Client Key Distribution" | ||||
[POP-KEY-DIST], from where parts of the security considerations where | ||||
copied. | ||||
Thanks to Stefanie Gerdes, Olaf Bergmann, and Carsten Bormann for | ||||
contributing their work on AS discovery from "Delegated CoAP | ||||
Authentication and Authorization Framework (DCAF)" [DCAF] (see | ||||
Section 5.1) and the considerations on multiple access tokens. | ||||
Thanks to Jim Schaad and Mike Jones for their comprehensive reviews. | ||||
Thanks to Benjamin Kaduk for his input on various questions related | ||||
to this work. | ||||
Thanks to Cigdem Sengul for some very useful review comments. | ||||
Thanks to Carsten Bormann for contributing the text for the CoRE | ||||
Resource Type registry. | ||||
Thanks to Roman Danyliw for suggesting Appendix E (including its | ||||
contents). | ||||
Ludwig Seitz and Göran Selander worked on this document as part of | ||||
the CelticPlus project CyberWI, with funding from Vinnova. Ludwig | ||||
Seitz was also received further funding for this work by Vinnova in | ||||
the context of the CelticNext project CRITISEC. | ||||
Authors' Addresses | Authors' Addresses | |||
Ludwig Seitz | Ludwig Seitz | |||
Combitech | Combitech | |||
Djäknegatan 31 | Djäknegatan 31 | |||
SE-211 35 Malmö | SE-211 35 Malmö | |||
Sweden | Sweden | |||
Email: ludwig.seitz@combitech.com | Email: ludwig.seitz@combitech.com | |||
Goeran Selander | Göran Selander | |||
Ericsson | Ericsson | |||
Faroegatan 6 | Faroegatan 6 | |||
SE-164 80 Kista | SE-164 80 Kista | |||
Sweden | Sweden | |||
Email: goran.selander@ericsson.com | Email: goran.selander@ericsson.com | |||
Erik Wahlstroem | Erik Wahlstroem | |||
Sweden | Sweden | |||
Email: erik@wahlstromstekniska.se | Email: erik@wahlstromstekniska.se | |||
Samuel Erdtman | Samuel Erdtman | |||
Spotify AB | Spotify AB | |||
Birger Jarlsgatan 61, 4tr | Birger Jarlsgatan 61, 4tr | |||
SE-113 56 Stockholm | SE-113 56 Stockholm | |||
Sweden | Sweden | |||
Email: erdtman@spotify.com | Email: erdtman@spotify.com | |||
Hannes Tschofenig | Hannes Tschofenig | |||
End of changes. 551 change blocks. | ||||
1509 lines changed or deleted | 1698 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |