RFC 9431
Message Queuing Telemetry Transport (MQTT) and Transport Layer Security (TLS) Profile of Authentication and Authorization for Constrained Environments (ACE) Framework, July 2023
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- C. Sengul
A. Kirby - Stream:
- IETF
- Source:
- ace (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9431
Discuss this RFC: Send questions or comments to the mailing list ace@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9431
Abstract
This document specifies a profile for the Authentication and Authorization for Constrained Environments (ACE) framework to enable authorization in a publish-subscribe messaging system based on Message Queuing Telemetry Transport (MQTT). Proof-of-Possession keys, bound to OAuth 2.0 access tokens, are used to authenticate and authorize MQTT Clients. The protocol relies on TLS for confidentiality and MQTT server (Broker) authentication.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.