Standardizations

1. Ephemeral Diffie-Hellman Over COSE (EDHOC)

A very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys, providing mutual authentication, perfect forward secrecy and identity protection. EDHOC is intended for constrained scenarios and a main use case is to establish an OSCORE security context.

https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/

2. Group Communication for the Constrained Application Protocol (CoAP)

Usage of the Constrained Application Protocol (CoAP) for group communication, using UDP/IP multicast as the underlying data transport.

https://datatracker.ietf.org/doc/draft-ietf-core-groupcomm-bis/

3. Group OSCORE – Secure Group Communication for CoAP

A method for protecting group communication over the Constrained Application Protocol (CoAP), based on Object Security for Constrained RESTful Environments (OSCORE).

https://datatracker.ietf.org/doc/draft-ietf-core-oscore-groupcomm/

4. Observe Notifications as CoAP Multicast Responses

Method for a CoAP server to send (secure) observe notifications as response messages over IP multicast.

https://datatracker.ietf.org/doc/draft-ietf-core-observe-multicast-notifications/

5. Discovery of OSCORE Groups with the CoRE Resource Directory

Method for a CoAP endpoint to use the CoRE Resource Directory for discovering OSCORE groups and acquiring information to join them.

https://datatracker.ietf.org/doc/draft-tiloca-core-oscore-discovery/

6. Proxy Operations for CoAP Group Communication

A method to enable CoAP forward proxies to operate in group communication scenarios, by forwarding over multicast one request to multiple servers, and forwarding back the individual distinguishable responses to the client.

https://datatracker.ietf.org/doc/draft-tiloca-core-groupcomm-proxy/

7. Combining EDHOC and OSCORE

A method to efficiently combine the execution of the authenticated key establishment protocol Ephemeral Diffie-Hellman over COSE (EDHOC) with a following message exchange protected with Object Security for Constrained RESTful Environments (OSCORE).

https://datatracker.ietf.org/doc/draft-ietf-core-oscore-edhoc/

8. Cacheable OSCORE

A method to enable CoAP forward proxies to cache response messages protected with Group Object Security for Constrained RESTful Environments (Group OSCORE).

https://datatracker.ietf.org/doc/draft-amsuess-core-cachable-oscore/

9. Key Update for OSCORE

A method for two OSCORE peers to take into account limits of the used AEAD cipher to preserve the security of their communications, as well as a lightweight method for updating their keying material and establishing a new OSCORE Security Context.

https://datatracker.ietf.org/doc/draft-hoeglund-core-oscore-key-limits/

10. OSCORE-capable Proxies

A method for protecting CoAP messages with OSCORE also between an origin application endpoint and an intermediary, or between two intermediaries. This includes the possible double-protection of a message through “OSCORE-in-OSCORE”, i.e., both end-to-end between origin application endpoints, as well as between an application endpoint and an intermediary.

https://datatracker.ietf.org/doc/html/draft-tiloca-core-oscore-capable-proxies

11. OSCORE profile of the Authentication and Authorization for Constrained Environments Framework

A profile for the Authentication and Authorization for Constrained Environments (ACE) framework, which utilizes Object Security for Constrained RESTful Environments (OSCORE) in order to achieve communication security, server authentication, and proof-of-possession.

https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/

12. Key Provisioning for Group Communication using ACE

Definition of message formats and procedures for requesting and distributing group keying material using the Authorization for Constrained Environments (ACE) framework, to protect communications among group members.

https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm/

13. Key Management for OSCORE Groups in ACE

A method to request and provision keying material in group communication scenarios where the group communication is based on CoAP and secured with Group Object Security for Constrained RESTful Environments (Group OSCORE), building on the ACE framework for Authentication and Authorization.

https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm-oscore/

14. Admin Interface for the OSCORE Group Manager

A RESTful admin interface at the Group Manager, that allows an Administrator entity to create and delete OSCORE groups, as well as to retrieve and update their configuration.  The ACE framework for Authentication and Authorization is used to enforce authentication and authorization of the Administrator at the Group Manager.

https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-gm-admin/

15. Group OSCORE Profile of the Authentication and Authorization for Constrained Environments Framework

A profile for the Authentication and Authorization for Constrained Environments (ACE) framework, which utilizes Object Security for Constrained RESTful Environments (OSCORE) and/or Group OSCORE to provide communication security between a Client and (a group of) Resource Server(s), as well as OSCORE in order to achieve communication security, server authentication, and proof-of-possession.

https://datatracker.ietf.org/doc/draft-tiloca-ace-group-oscore-profile/

16. Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework

A method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an Authorization Server to notify Clients and Resource Servers (i.e., registered devices) about revoked Access Tokens.

https://datatracker.ietf.org/doc/draft-tiloca-ace-revoked-token-notification/