RFC 9668
Using Ephemeral Diffie-Hellman Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Object Security for Constrained RESTful Environments (OSCORE), November 2024
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- F. Palombini
M. Tiloca
R. Höglund
S. Hristozov
G. Selander - Stream:
- IETF
- Source:
- core (wit)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9668
Discuss this RFC: Send questions or comments to the mailing list core@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9668
Abstract
The lightweight authenticated key exchange protocol Ephemeral Diffie-Hellman Over COSE (EDHOC) can be run over the Constrained Application Protocol (CoAP) and used by two peers to establish a Security Context for the security protocol Object Security for Constrained RESTful Environments (OSCORE). This document details this use of the EDHOC protocol by specifying a number of additional and optional mechanisms, including an optimization approach for combining the execution of EDHOC with the first OSCORE transaction. This combination reduces the number of round trips required to set up an OSCORE Security Context and to complete an OSCORE transaction using that Security Context.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.