[Ace] Draft ACE Charter
Likepeng <likepeng@huawei.com> Wed, 11 December 2013 10:11 UTC
Hello all,

Welcome to the list! The purpose of this list is to organize interest in a group to define the charter for work on Authentication and Authorization for Constrained Environments.

Our mailing list can be found at (1), existing work can be found at (2), and draft charter can be found at (3).

We welcome your feedback!

Thanks,
Kind Regards
Kepeng & Stefanie

(1) Mailing List
https://www.ietf.org/mailman/listinfo/ace

(2) Existing work:

Use Cases:
http://tools.ietf.org/id/draft-garcia-core-security
http://tools.ietf.org/id/draft-greevenbosch-core-authreq
http://tools.ietf.org/id/draft-seitz-core-sec-usecases

Solutions
http://tools.ietf.org/id/draft-gerdes-core-dcaf-authorize
http://tools.ietf.org/id/draft-kang-core-secure-reconfiguration
http://tools.ietf.org/id/draft-selander-core-access-control
http://tools.ietf.org/id/draft-zhu-core-groupauth
http://tools.ietf.org/id/draft-pporamba-dtls-certkey
http://tools.ietf.org/id/draft-schmitt-two-way-authentication-for-iot
http://tools.ietf.org/id/draft-seitz-core-security-modes

(3) Draft Charter - Authentication and Authorization for Constrained Environment (ACE)

The CoAP (Constrained Application Protocol) is a light-weight application layer protocol, especially suitable for applications such as smart energy, smart home, building automation, remote patient monitoring etc. Due to the nature of these applications, including a critical, unattended infrastructure and usage in the personal sphere, security and privacy protection are critical components.

Currently, a problem with constrained devices is the realization of such secure communication. The devices only have limited resources such as memory, storage and transmission capacity. These constraints severely limit the security functions and communications the device can perform. Missing functionality includes authentication, which provides trust and ensures an entity is who it says it is, and authorization, which defines and enforces access rights for different clients.

The ACE WG focuses on providing constrained devices with the necessary prerequisites to use REST operations in a secure way. Constrained devices will thus be enabled to authenticate communications from other (constrained or less-constrained) devices, to communicate securely with them and to verify their individual authorization to access specific resources. To achieve this, ACE will be able to employ an architecture with one or more trusted less-constrained devices which will relieve the constrained nodes from complex security related tasks (e.g. managing authorization policies and a large number of keys). ACE will use CoAP and employ security properties of DTLS whenever possible.

The ACE WG has the following tasks:

- Document the use cases and high-level requirements for secured communication between constrained devices.
- Define certificate profiling (what kinds of certificates and which attributes are to be used).
- Define a mechanism for authenticated and protected transfer of authorization information suitable for constrained device to constrained device communication.
- Define an access ticket and authorization information format suitable for constrained devices.
- Define bootstrapping for authorization information using the Resource Directory.