RFC Errata
RFC 9200, "Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth)", August 2022
Source of RFC: ace (sec)
Errata ID: 8235
Status: Reported
Type: Technical
Publication Format(s) : HTML
Reported By: Marco Tiloca
Date Reported: 2025-01-03
Section F.2 says:
The AS responds with a CoAP 2.05 Content response, containing as
payload the Access Information, including the access token and the
...
| |
B: |<--------+ Header: 2.05 Content
| | Content-Format: application/ace+cbor
| 2.05 | Payload: <Response-Payload>
| |
...
It should say:
The AS responds with a CoAP 2.01 Created response, containing as
payload the Access Information, including the access token and the
...
| |
B: |<--------+ Header: 2.01 Created
| | Content-Format: application/ace+cbor
| 2.01 | Payload: <Response-Payload>
| |
...
Notes:
The quoted text and the example in Figure 16 consider a response with CoAP response code 2.05 (Content). However, as defined in Section 5.8.2, a successful response from the /token endpoint has CoAP response code 2.01 (Created).
Moreover, 2.05 (Content) is not a valid CoAP response code for a response to a POST request, see Section 10.1.4 of RFC 7252.