Ace Status Pages

Authentication and Authorization for Constrained Environments (Concluded WG)

Sec Area: Roman Danyliw, Benjamin Kaduk | 2014-Jun-16 —

Chairs:

IETF-90 ace agenda

Slides

These are also available from the materials page:

ACE Chairs Slides
ACE Problem Description
ACE Use Cases and Design Patterns
ACE Design Considerations
ACE Cross Domain

Session 2014-07-23 0900-1130: Tudor 7/8 - Audio stream - ace chatroom

Agenda

          
          
          
          Authentication and Authorization for Constrained Environments (ACE)
          
          WEDNESDAY, July 23, 2014
          
          0900-1130 EDT
          Tudor 7/8 (MM)
          
          - Welcome & Agenda Bashing (Chairs, 10 mins)
          
          - ACE Introduction (Chairs, 10 mins)
          
          Since this is the first meeting of the working group we would like to
          give a brief description the high level goal of the group. This part of
          the agenda should also help you to become familiar with the terminology.
          
          - Design Directions
          
          We want to spend the main meeting time to answer a couple of challenging
          questions.
          Our hope is it to get answers to some of these questions during the
          meeting or in preparation of the meeting.
          
          1) Problem Description
          
          1a) Client <-> RS Communication: What transport should be used?
          1b) What degree of flexibility should we aim for? DTLS or application
          layer security?
          
          [[Relevant document: draft-seitz-ace-problem-description-01]]
          
          Discussion Leader: Ludwig Seitz
          
          2) Design Patterns
          
          2a) Is the OAuth/Kerberos design pattern sufficient?
          (does it cover all the use cases)
          2b) Is the OAuth/Kerberos design pattern necessary?
          (can we throw something away?)
          
          [[Relevant document: draft-seitz-ace-usecases-01]]
          
          Discussion Leader: Ludwig Seitz
          
          3) Design Considerations
          
          3a) What design components could we re-use?
          3b) What areas need to be explored in more detail?
          
          Example topics:
          
            * RS<->AS Communication: In scope / out of scope?
            * Protocol re-use: what's good and what's not?
            * Message encoding: Base64, JSON, ASN.1, CBOR
          
          3c) Should the design be based on symmetric or asymmetric crypto?
            (or both?)
          
          [[Relevant document: draft-seitz-ace-design-considerations-00]]
          
          Discussion Leader: Corinna Schmitt
          
          4) Cross-domain Support
          
          4a) How to address cross-domain support in the initial protocol design?
          4b) What lessons from other areas can be taken into account?
          4c) Do we need new terminology or can we re-use existing terms?
          
          [[Relevant documents: draft-gerdes-ace-actors-01 and
          draft-tschofenig-ace-overview-00]]
          
          Discussion Leader: Carsten Bormann
          
          - Summary and Next Steps (Chairs, 10 mins)