Internet Assigned Numbers Authority

Authentication and Authorization for Constrained Environments (ACE)

Created
2021-07-27
Last Updated
2024-10-04
Available Formats

XML

HTML

Plain text

Registries included below

ACE Authorization Server Request Creation Hints

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action
256 to 65535 Specification Required
greater than 65535 Expert Review
Name CBOR Key Value Type Reference
Reserved for Private Use less than -65536 [RFC9200]
AS 1 text string [RFC9200]
kid 2 byte string [RFC9200]
audience 5 text string [RFC9200]
scope 9 text or byte string [RFC9200]
cnonce 39 byte string [RFC9200]

OAuth Error Code CBOR Mappings

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 or greater Expert Review
Name CBOR Value Reference Original Specification
Reserved for Private Use less than -65536 [RFC9200]
invalid_request 1 [RFC9200] [RFC 6749, Section 5.2]
invalid_client 2 [RFC9200] [RFC 6749, Section 5.2]
invalid_grant 3 [RFC9200] [RFC 6749, Section 5.2]
unauthorized_client 4 [RFC9200] [RFC 6749, Section 5.2]
unsupported_grant_type 5 [RFC9200] [RFC 6749, Section 5.2]
invalid_scope 6 [RFC9200] [RFC 6749, Section 5.2]
unsupported_pop_key 7 [RFC9200] [RFC9200]
incompatible_ace_profiles 8 [RFC9200] [RFC9200]

OAuth Grant Type CBOR Mappings

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 or greater Expert Review
Name CBOR Value Reference Original Specification
Reserved for Private Use less than -65536 [RFC9200]
password 0 [RFC9200] [RFC 6749, Section 4.3.2]
authorization_code 1 [RFC9200] [RFC 6749, Section 4.1.3]
client_credentials 2 [RFC9200] [RFC 6749, Section 4.4.2]
refresh_token 3 [RFC9200] [RFC 6749, Section 6]

OAuth Access Token Type CBOR Mappings

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 or greater Expert Review
Name CBOR Value Reference Original Specification
Reserved for Private Use less than -65536 [RFC9200]
Bearer 1 [RFC9200] [RFC6749]
PoP 2 [RFC9200] [RFC9200]

ACE Profiles

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action
256 to 65535 Specification Required
greater than 65535 Expert Review
Name Description CBOR Value Reference
Reserved for Private Use less than -65536 [RFC9200]
coap_dtls Profile for delegating client Authentication and Authorization for Constrained Environments by establishing a Datagram Transport Layer Security (DTLS) or Transport Layer Security (TLS) channel between resource-constrained nodes. 1 [RFC9202][RFC9430]
coap_oscore Profile for using OSCORE to secure communication between constrained nodes using the Authentication and Authorization for Constrained Environments framework. 2 [RFC9203]
mqtt_tls Profile for delegating Client authentication and authorization using MQTT for the Client and Broker (RS) interactions and HTTP for the AS interactions. TLS is used for confidentiality and integrity protection and server authentication. Client authentication can be provided either via TLS or using in-band PoP validation at the MQTT application layer. 3 [RFC9431]

OAuth Parameters CBOR Mappings

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 or greater Expert Review
Name CBOR Key Value Type Reference Original Specification
Reserved for Private Use less than -65536 [RFC9200]
access_token 1 byte string [RFC9200] [RFC6749]
expires_in 2 unsigned integer [RFC9200] [RFC6749]
req_cnf 4 map [RFC9201, Section 3.1] [RFC9201]
audience 5 text string [RFC9200] [RFC8693]
cnf 8 map [RFC9201, Section 3.2] [RFC9201]
scope 9 text or byte string [RFC9200] [RFC6749]
client_id 24 text string [RFC9200] [RFC6749]
client_secret 25 byte string [RFC9200] [RFC6749]
response_type 26 text string [RFC9200] [RFC6749]
redirect_uri 27 text string [RFC9200] [RFC6749]
state 28 text string [RFC9200] [RFC6749]
code 29 byte string [RFC9200] [RFC6749]
error 30 integer [RFC9200] [RFC6749]
error_description 31 text string [RFC9200] [RFC6749]
error_uri 32 text string [RFC9200] [RFC6749]
grant_type 33 unsigned integer [RFC9200] [RFC6749]
token_type 34 integer [RFC9200] [RFC6749]
username 35 text string [RFC9200] [RFC6749]
password 36 text string [RFC9200] [RFC6749]
refresh_token 37 byte string [RFC9200] [RFC6749]
ace_profile 38 integer [RFC9200] [RFC9200]
cnonce 39 byte string [RFC9200] [RFC9200]
nonce1 40 bstr [RFC9203]
rs_cnf 41 map [RFC9201, Section 3.2] [RFC9201]
nonce2 42 bstr [RFC9203]
ace_client_recipientid 43 bstr [RFC9203]
ace_server_recipientid 44 bstr [RFC9203]
sign_info 45 Null or array [RFC9594]
kdcchallenge 46 byte string [RFC9594]

OAuth Token Introspection Response CBOR Mappings

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9200]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 or greater Expert Review
Name CBOR Key Value Type Reference Original Specification
Reserved for Private Use less than -65536 [RFC9200]
iss 1 text string [RFC9200] [RFC7662]
sub 2 text string [RFC9200] [RFC7662]
aud 3 text string [RFC9200] [RFC7662]
exp 4 integer or floating-point number [RFC9200] [RFC7662]
nbf 5 integer or floating-point number [RFC9200] [RFC7662]
iat 6 integer or floating-point number [RFC9200] [RFC7662]
cti 7 byte string [RFC9200] [RFC9200]
cnf 8 map [RFC9201, Section 4] [RFC8705]
scope 9 text or byte string [RFC9200] [RFC7662]
active 10 True or False [RFC9200] [RFC7662]
token 11 byte string [RFC9200] [RFC7662]
client_id 24 text string [RFC9200] [RFC7662]
error 30 integer [RFC9200] [RFC7662]
error_description 31 text string [RFC9200] [RFC7662]
error_uri 32 text string [RFC9200] [RFC7662]
token_type_hint 33 text string [RFC9200] [RFC7662]
token_type 34 integer [RFC9200] [RFC7662]
username 35 text string [RFC9200] [RFC7662]
ace_profile 38 integer [RFC9200] [RFC9200]
cnonce 39 byte string [RFC9200] [RFC9200]
exi 40 unsigned integer [RFC9200] [RFC9200]

OSCORE Security Context Parameters

Expert(s)
Göran Selander, Cigdem Sengul
Reference
[RFC9203]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Strings of length 1 Standards Action With Expert Review
Strings of length 2 Specification Required
Strings of length greater than 2 Expert Review
Name CBOR Label CBOR Type Registry Description Reference
Reserved for Private Use less than -65536 [RFC9203]
id 0 byte string OSCORE Input Material Identifier [RFC9203]
version 1 unsigned integer OSCORE Version [RFC9203]
ms 2 byte string OSCORE Master Secret value [RFC9203]
hkdf 3 text string / integer [COSE Algorithms] Values (HMAC-based) OSCORE HKDF value [RFC9203]
alg 4 text string / integer [COSE Algorithms] Values (AEAD) OSCORE AEAD Algorithm value [RFC9203]
salt 5 byte string an input to OSCORE Master Salt value [RFC9203]
contextId 6 byte string OSCORE ID Context value [RFC9203]

ACE Groupcomm Parameters

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Strings of length 1 Standards Action With Expert Review
Strings of length 2 Specification Required
Strings of length greater than 2 Expert Review
Name CBOR Key CBOR Type Reference
Reserved for Private Use less than -65536 [RFC9594]
gid 0 array [RFC9594]
gname 1 array of tstr [RFC9594]
guri 2 array of tstr [RFC9594]
scope 3 bstr [RFC9594]
get_creds 4 Null or array [RFC9594]
client_cred 5 bstr [RFC9594]
cnonce 6 bstr [RFC9594]
gkty 7 int or tstr [RFC9594]
key 8 See the [ACE Groupcomm Key Types] registry [RFC9594]
num 9 int [RFC9594]
ace_groupcomm_profile 10 int [RFC9594]
exp 11 uint [RFC9594]
exi 12 uint [RFC9594]
creds 13 array [RFC9594]
peer_roles 14 array [RFC9594]
peer_identifiers 15 array [RFC9594]
group_policies 16 map [RFC9594]
kdc_cred 17 bstr [RFC9594]
kdc_nonce 18 bstr [RFC9594]
kdc_cred_verify 19 bstr [RFC9594]
rekeying_scheme 20 int [RFC9594]
client_cred_verify 24 bstr [RFC9594]
creds_repo 25 tstr [RFC9594]
control_uri 26 tstr [RFC9594]
mgt_key_material 27 bstr [RFC9594]
control_group_uri 28 tstr [RFC9594]
sign_info 29 Null or array [RFC9594]
kdcchallenge 30 bstr [RFC9594]

ACE Groupcomm Key Types

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Strings of length 1 Standards Action With Expert Review
Strings of length 2 Specification Required
Strings of length greater than 2 Expert Review
Name Key Type Value Profile Description Reference
Reserved for Private Use less than -65536 [RFC9594]
Reserved 0 This value is reserved [RFC9594]

ACE Groupcomm Profiles

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Name Description CBOR Value Reference
Reserved for Private Use less than -65536 [RFC9594]
Reserved This value is reserved 0 [RFC9594]

ACE Groupcomm Policies

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Strings of length 1 Standards Action With Expert Review
Strings of length 2 Specification Required
Strings of length greater than 2 Expert Review
Name CBOR Label CBOR Type Description Reference
Reserved for Private Use less than -65536 [RFC9594]
Sequence Number Synchronization Method 0 int or tstr Method for recipient group members to synchronize with sequence numbers of sender group members. Its value is taken from the "Value" column of the "Sequence Number Synchronization Method" registry [RFC9594]
Key Update Check Interval 1 int Polling interval in seconds, for group members to check at the KDC if the latest group keying material is the one that they store [RFC9594]
Expiration Delta 2 uint Number of seconds from 'exp' until a UTC date/time, after which group members MUST stop using the group keying material that they store to decrypt incoming messages [RFC9594]

Sequence Number Synchronization Methods

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Strings of length 1 Standards Action With Expert Review
Strings of length 2 Specification Required
Strings of length greater than 2 Expert Review
Name Value Description Reference
Reserved for Private Use less than -65536 [RFC9594]

ACE Groupcomm Errors

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Value Description Reference
less than -65536 Reserved for Private Use [RFC9594]
0 Operation permitted only to group members [RFC9594]
1 Request inconsistent with the current roles [RFC9594]
2 Authentication credential incompatible with the group configuration [RFC9594]
3 Invalid proof-of-possession evidence [RFC9594]
4 No available individual keying material [RFC9594]
5 Group membership terminated [RFC9594]
6 Group deleted [RFC9594]

ACE Groupcomm Rekeying Schemes

Expert(s)
Francesca Palombini, Marco Tiloca, Rikard Höglund
Reference
[RFC9594]
Available Formats

CSV
Range Registration Procedures
less than -65536 Private Use
-65536 to -257 Specification Required
-256 to 255 Standards Action With Expert Review
256 to 65535 Specification Required
greater than 65535 Expert Review
Value Name Description Reference
Reserved for Private Use less than -65536 [RFC9594]
0 Point-to-Point The KDC individually targets each node to rekey, using the pairwise secure communication association with that node [RFC9594]