* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Ace Status Pages

Authentication and Authorization for Constrained Environments (Concluded WG)
Sec Area: Roman Danyliw, Benjamin Kaduk | 2014-Jun-16 —  

IETF-90 ace agenda


These are also available from the materials page:
ACE Chairs Slides
ACE Problem Description
ACE Use Cases and Design Patterns
ACE Design Considerations
ACE Cross Domain
Session 2014-07-23 0900-1130: Tudor 7/8 - Audio stream - ace chatroom


          Authentication and Authorization for Constrained Environments (ACE)
          WEDNESDAY, July 23, 2014
          0900-1130 EDT
          Tudor 7/8 (MM)
          - Welcome & Agenda Bashing (Chairs, 10 mins)
          - ACE Introduction (Chairs, 10 mins)
          Since this is the first meeting of the working group we would like to
          give a brief description the high level goal of the group. This part of
          the agenda should also help you to become familiar with the terminology.
          - Design Directions
          We want to spend the main meeting time to answer a couple of challenging
          Our hope is it to get answers to some of these questions during the
          meeting or in preparation of the meeting.
          1) Problem Description
          1a) Client <-> RS Communication: What transport should be used?
          1b) What degree of flexibility should we aim for? DTLS or application
          layer security?
          [[Relevant document: draft-seitz-ace-problem-description-01]]
          Discussion Leader: Ludwig Seitz
          2) Design Patterns
          2a) Is the OAuth/Kerberos design pattern sufficient?
          (does it cover all the use cases)
          2b) Is the OAuth/Kerberos design pattern necessary?
          (can we throw something away?)
          [[Relevant document: draft-seitz-ace-usecases-01]]
          Discussion Leader: Ludwig Seitz
          3) Design Considerations
          3a) What design components could we re-use?
          3b) What areas need to be explored in more detail?
          Example topics:
            * RS<->AS Communication: In scope / out of scope?
            * Protocol re-use: what's good and what's not?
            * Message encoding: Base64, JSON, ASN.1, CBOR
          3c) Should the design be based on symmetric or asymmetric crypto?
            (or both?)
          [[Relevant document: draft-seitz-ace-design-considerations-00]]
          Discussion Leader: Corinna Schmitt
          4) Cross-domain Support
          4a) How to address cross-domain support in the initial protocol design?
          4b) What lessons from other areas can be taken into account?
          4c) Do we need new terminology or can we re-use existing terms?
          [[Relevant documents: draft-gerdes-ace-actors-01 and
          Discussion Leader: Carsten Bormann
          - Summary and Next Steps (Chairs, 10 mins)

Generated from PyHt script /wg/ace/agenda.pyht Latest update: 24 Oct 2012 16:51 GMT -