Standardizations

1. Ephemeral Diffie-Hellman Over COSE (EDHOC)

A very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys, providing mutual authentication, perfect forward secrecy and identity protection. EDHOC is intended for constrained scenarios and a main use case is to establish an OSCORE security context.

https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/

2. Group Communication for the Constrained Application Protocol (CoAP)

Usage of the Constrained Application Protocol (CoAP) for group communication, using UDP/IP multicast as the underlying data transport.

https://datatracker.ietf.org/doc/draft-ietf-core-groupcomm-bis/

3. Group OSCORE – Secure Group Communication for CoAP

A method for protecting group communication over the Constrained Application Protocol (CoAP), based on Object Security for Constrained RESTful Environments (OSCORE).

https://datatracker.ietf.org/doc/draft-ietf-core-oscore-groupcomm/

4. Observe Notifications as CoAP Multicast Responses

Method for a CoAP server to send (secure) observe notifications as response messages over IP multicast.

https://datatracker.ietf.org/doc/draft-ietf-core-observe-multicast-notifications/

5. Discovery of OSCORE Groups with the CoRE Resource Directory

Method for a CoAP endpoint to use the CoRE Resource Directory for discovering OSCORE groups and acquiring information to join them.

https://datatracker.ietf.org/doc/draft-tiloca-core-oscore-discovery/

6. Proxy Operations for CoAP Group Communication

A method to enable CoAP forward proxies to operate in group communication scenarios, by forwarding over multicast one request to multiple servers, and forwarding back the individual distinguishable responses to the client.

https://datatracker.ietf.org/doc/draft-tiloca-core-groupcomm-proxy/

7. Combining EDHOC and OSCORE

A method to efficiently combine the execution of the authenticated key establishment protocol Ephemeral Diffie-Hellman over COSE (EDHOC) with a following message exchange protected with Object Security for Constrained RESTful Environments (OSCORE).

https://datatracker.ietf.org/doc/draft-ietf-core-oscore-edhoc/

8. Cacheable OSCORE

A method to enable CoAP forward proxies to cache response messages protected with Group Object Security for Constrained RESTful Environments (Group OSCORE).

https://datatracker.ietf.org/doc/draft-amsuess-core-cachable-oscore/

9. AEAD Key Usage Limits in OSCORE

A method for two OSCORE peers to take into account the limits of the AEAD cipher in use, to preserve the security of their communications.

https://datatracker.ietf.org/doc/draft-hoeglund-core-oscore-key-limits/

10. OSCORE profile of the Authentication and Authorization for Constrained Environments Framework

A profile for the Authentication and Authorization for Constrained Environments (ACE) framework, which utilizes Object Security for Constrained RESTful Environments (OSCORE) in order to achieve communication security, server authentication, and proof-of-possession.

https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/

11. Key Provisioning for Group Communication using ACE

Definition of message formats and procedures for requesting and distributing group keying material using the Authorization for Constrained Environments (ACE) framework, to protect communications among group members.

https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm/

12. Key Management for OSCORE Groups in ACE

A method to request and provision keying material in group communication scenarios where the group communication is based on CoAP and secured with Group Object Security for Constrained RESTful Environments (Group OSCORE), building on the ACE framework for Authentication and Authorization.

https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm-oscore/

13. Admin Interface for the OSCORE Group Manager

A RESTful admin interface at the Group Manager that allows an Administrator entity to create and delete OSCORE groups, as well as to retrieve and update their configuration. The ACE framework for Authentication and Authorization is used to enforce authentication and authorization of the Administrator at the Group Manager.

https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-gm-admin/

14. Group OSCORE Profile of the Authentication and Authorization for Constrained Environments Framework

A profile for the Authentication and Authorization for Constrained Environments (ACE) framework, which utilizes Object Security for Constrained RESTful Environments (OSCORE) and/or Group OSCORE to provide communication security between a Client and (a group of) Resource Server(s), as well as OSCORE in order to achieve communication security, server authentication, and proof-of-possession.

https://datatracker.ietf.org/doc/draft-tiloca-ace-group-oscore-profile/

15. Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework

A method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an Authorization Server to notify Clients and Resource Servers (i.e., registered devices) about revoked Access Tokens.

https://datatracker.ietf.org/doc/draft-tiloca-ace-revoked-token-notification/