| RFC 9202 | DTLS Profile for ACE | August 2022 |
| Gerdes, et al. | Standards Track | [Page] |
This specification defines a profile of the Authentication and Authorization for Constrained Environments (ACE) framework that allows constrained servers to delegate client authentication and authorization. The protocol relies on DTLS version 1.2 or later for communication security between entities in a constrained network using either raw public keys or pre-shared keys. A resource-constrained server can use this protocol to delegate management of authorization information to a trusted host with less-severe limitations regarding processing power and memory.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained athttps://www.rfc-editor.org/info/rfc9202.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
This specification defines a profile of the ACE framework[RFC9200]. In this profile, a client (C) and aresource server (RS) use the Constrained Application Protocol (CoAP)[RFC7252] over DTLS version 1.2[RFC6347]to communicate. This specificationuses DTLS 1.2 terminology, but later versions such as DTLS 1.3[RFC9147] can beused instead. The client obtains an access token bound to a key(the proof-of-possession (PoP) key) from an authorization server (AS) to proveits authorization to access protected resources hosted by the resourceserver. Also, the client and the resource server are provided by theauthorization server with the necessary keying material to establish aDTLS session. The communication between the client and authorizationserver may also be secured with DTLS. This specification supportsDTLS with raw public keys (RPKs)[RFC7250] and with pre-shared keys(PSKs)[RFC4279]. How token introspection[RFC7662] is performedbetween the RS and AS is out of scope for this specification.¶
The ACE framework requires that the client and server mutuallyauthenticate each other before any application data is exchanged.DTLS enables mutual authentication if both the client and server provetheir ability to use certain keying material in the DTLS handshake.The authorization server assists in this process on the server side byincorporating keying material (or information about keying material)into the access token, which is considered a proof-of-possessiontoken.¶
In the RPK mode, the client proves that it can use the RPK bound tothe token and the server shows that it can use a certain RPK.¶
The resource server needs access to the token in order to completethis exchange. For the RPK mode, the client must upload the accesstoken to the resource server before initiating the handshake, asdescribed inSection 5.10.1 of the ACE framework [RFC9200].¶
In the PSK mode, the client and server show with the DTLS handshake thatthey can use the keying material that is bound to the access token.To transfer the access token from the client to the resource server,thepsk_identity parameter in the DTLS PSK handshake may be usedinstead of uploading the token prior to the handshake.¶
As recommended inSection 5.8 of [RFC9200], thisspecification uses Concise Binary Object Representation (CBOR) web tokens to convey claims within an accesstoken issued by the server. While other formats could be used as well,those are out of scope for this document.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT","SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and"OPTIONAL" in this document are to be interpreted as described in BCP 14[RFC2119][RFC8174] when, and only when, they appear in allcapitals, as shown here.¶
Readers are expected to be familiar with the terms and conceptsdescribed in[RFC9200] and[RFC9201].¶
The authorization information (authz-info) resource refers to the authorization information endpoint, as specified in[RFC9200].The termclaim is used in this document with the same semanticsas in[RFC9200], i.e., it denotes information carriedin the access token or returned from introspection.¶
Throughout this document, examples for CBOR data items are expressed in CBOR extended diagnostic notation as defined inSection 8 of [RFC8949] andAppendix G of [RFC8610] ("diagnostic notation"), unless noted otherwise. We often use diagnostic notation comments to provide a textual representation of the numeric parameter names and values.¶
The CoAP-DTLS profile for ACE specifies the transfer of authenticationinformation and, if necessary, authorization information between theclient (C) and the resource server (RS) during setup of a DTLS sessionfor CoAP messaging. It also specifies how the client can use CoAP overDTLS to retrieve an access token from the authorization server (AS)for a protected resource hosted on the resource server. As specifiedinSection 6.7 of [RFC9200], use of DTLS for one orboth of these interactions is completely independent.¶
This profile requires the client to retrieve an access token for theprotected resource(s) it wants to access on the resource server, asspecified in[RFC9200].Figure 1 shows thetypical message flow in this scenario (messages in square brackets areoptional):¶
C RS AS | [---- Resource Request ------>]| | | | | | [<-AS Request Creation Hints-] | | | | | | ------- Token Request ----------------------------> | | | | | <---------------------------- Access Token --------- | | + Access Information |
To determine the authorization server in charge of a resource hostedat the resource server, the client can send an initial UnauthorizedResource Request message to the resource server. The resource serverthen denies the request and sends an AS Request Creation Hints messagecontaining the address of its authorization server back to the client,as specified inSection 5.3 of [RFC9200].¶
Once the client knows the authorization server's address, it can sendan access token request to the token endpoint at the authorizationserver, as specified in[RFC9200]. As the accesstoken request and the response may contain confidential data,the communication between the client and the authorization server mustbe confidentiality protected and ensure authenticity. The client isexpected to have been registered at the authorization server, asoutlined inSection 4 of [RFC9200].¶
The access token returned by the authorization server can then be usedby the client to establish a new DTLS session with the resourceserver. When the client intends to use an asymmetric proof-of-possession key in theDTLS handshake with the resource server, the clientMUST upload theaccess token to the authz-info resource, i.e., the authz-info endpoint,on the resource server beforestarting the DTLS handshake, as described inSection 5.10.1 of [RFC9200]. In case the client uses a symmetric proof-of-possessionkey in the DTLS handshake, the procedure aboveMAY be used, or alternatively the access tokenMAY instead be transferred in theDTLS ClientKeyExchange message (seeSection 3.3.2).In any case, DTLSMUST be used in a mode that provides replayprotection.¶
Figure 2 depicts the common protocol flow for the DTLSprofile after the client has retrieved the access token from theauthorization server (AS).¶
C RS AS | [--- Access Token ------>] | | | | | | <== DTLS channel setup ==> | | | | | | == Authorized Request ===> | | | | | | <=== Protected Resource == | |
The following sections specify how CoAP is used to interchangeaccess-related data between the resource server, the client, and theauthorization server so that the authorization server can provide theclient and the resource server with sufficient information toestablish a secure channel and convey authorization informationspecific for this communication relationship to the resource server.¶
Section 3.1 describes how the communication between the client (C) and the authorization server (AS) must be secured. Depending on the CoAP security mode used (see alsoSection 9 of [RFC7252]), the client-to-AS request, AS-to-client response, and DTLS session establishment carry slightly different information.Section 3.2 addresses the use of raw public keys, whileSection 3.3 defines how pre-shared keys are used in this profile.¶
To retrieve an access token for the resource that the client wants to access, the client requests an access token from the authorization server. Before the client can request the access token, the client and the authorization serverMUST establish a secure communication channel. This profile assumes that the keying material to secure this communication channel has securely been obtained either by manual configuration or in an automated provisioning process. The following requirements, in alignment withSection 6.5 of [RFC9200], therefore must be met:¶
The client and the authorization serverMUST use their respective keying material for all exchanged messages. How the security association between the client and the authorization server is bootstrapped is not part of this document. The client and the authorization server must ensure the confidentiality, integrity, and authenticity of all exchanged messages within the ACE protocol.¶
Section 6 specifies how communication with the authorization server is secured.¶
When the client uses raw public key authentication, the procedure is asdescribed in the following.¶
After the client and the authorization server mutually authenticated each other and validated eachother's authorization, the client sends a token request to the authorization server's token endpoint.The clientMUST add areq_cnf object carrying either its raw public keyor a unique identifier for a public key that it has previously madeknown to the authorization server. It isRECOMMENDED thatthe client uses DTLS with the same keying material to secure thecommunication with the authorization server, proving possession of the keyas part of the token request. Other mechanisms for proving possession ofthe key may be defined in the future.¶
An example access token request from the client to the authorizationserver is depicted inFigure 3.¶
POST coaps://as.example.com/token Content-Format: application/ace+cbor Payload: { / grant_type / 33 : / client_credentials / 2, / audience / 5 : "tempSensor4711", / req_cnf / 4 : { / COSE_Key / 1 : { / kty / 1 : / EC2 / 2, / crv / -1 : / P-256 / 1, / x / -2 : h'e866c35f4c3c81bb96a1/.../', / y / -3 : h'2e25556be097c8778a20/.../' } } }The example shows an access token request for the resource identifiedby the string "tempSensor4711" on the authorization serverusing a raw public key.¶
The authorization serverMUST check if the client that it communicateswith is associated with the RPK in thereq_cnf parameter beforeissuing an access token to it. If the authorization server determinesthat the request is to be authorized according to the respectiveauthorization rules, it generates an access token response for theclient. The access tokenMUST be bound to the RPK of the client bymeans of thecnf claim.¶
The responseMUST contain anace_profile parameter if theace_profile parameter in the request is empty andMAY contain this parameter otherwise (seeSection 5.8.2 of [RFC9200]). This parameter is set tocoap_dtls to indicate that this profileMUST be used for communication between the client and the resource server. The response also contains an access token with information for the resource server about the client's public key. The authorization serverMUST return in its response the parameterrs_cnf unless it is certain that the client already knows the public key of the resource server. The authorization serverMUST ascertain that the RPK specified inrs_cnf belongs to the resource server that the client wants to communicate with. The authorization serverMUST protect the integrity of the access token such that the resource server can detect unauthorized changes. If the access token contains confidential data, the authorization serverMUST also protect the confidentiality of the access token.¶
The clientMUST ascertain that the access token response belongs to a certain, previously sent access token request, as the request may specify the resource server with which the client wants to communicate.¶
An example access token response from the authorization server to the client is depicted inFigure 4. Here, the contents of theaccess_token claim have been truncated to improve readability. For the client, the response comprises Access Information that contains the server's public key in thers_cnf parameter. Caching proxies process the Max-Age option in the CoAP response, which has a default value of 60 seconds (Section 5.6.1 of [RFC7252]). The authorization serverSHOULD adjust the Max-Age option such that it does not exceed theexpires_in parameter to avoid stale responses.¶
2.01 Created Content-Format: application/ace+cbor Max-Age: 3560 Payload: { / access_token / 1 : b64'SlAV32hk'/... (remainder of CWT omitted for brevity; CWT contains the client's RPK in the cnf claim)/, / expires_in / 2 : 3600, / rs_cnf / 41 : { / COSE_Key / 1 : { / kty / 1 : / EC2 / 2, / crv / -1 : / P-256 / 1, / x / -2 : h'd7cc072de2205bdc1537/.../', / y / -3 : h'f95e1d4b851a2cc80fff/.../' } } }Before the client initiates the DTLS handshake with the resourceserver, the clientMUST send aPOST request containing the obtainedaccess token to the authz-info resource hosted by the resourceserver. After the client receives a confirmation that the resourceserver has accepted the access token, it proceeds to establish anew DTLS channel with the resource server. The clientMUST use itscorrect public key in the DTLS handshake. If the authorization serverhas specified acnf field in the access token response, the clientMUST use this key. Otherwise, the clientMUST use the public key thatit specified in thereq_cnf of the access token request. The clientMUST specify this public key in the SubjectPublicKeyInfo structure ofthe DTLS handshake, as described in[RFC7250].¶
If the client does not have the keying material belonging to thepublic key, the clientMAY try to send an access token request to theAS, where the client specifies its public key in thereq_cnf parameter. Ifthe AS still specifies a public key in the response that the clientdoes not have, the clientSHOULD re-register with the authorizationserver to establish a new client public key. This process is out ofscope for this document.¶
To be consistent with[RFC7252], which allows for shortened Message Authentication Code (MAC) tagsin constrained environments,an implementation that supports the RPK mode of this profileMUST atleast support the cipher suiteTLS_ECDHE_ECDSA_WITH_AES_128_CCM_8[RFC7251].As discussed in[RFC7748], new Elliptic Curve Cryptography (ECC) curves have been defined recently that are considered superior to the so-called NIST curves. Implementations of this profileMUST therefore implement support for curve25519 (cf. [RFC8032],[RFC8422]), as this curve is said to be efficient and less dangerous, regarding implementation errors, than the secp256r1 curve mandated in[RFC7252].¶
The resource serverMUST check if the access token is still valid, ifthe resource server is the intended destination (i.e., the audience)of the token, and if the token was issued by an authorizedauthorization server (see alsoSection 5.10.1.1 of [RFC9200]).The access token is constructed by theauthorization server such that the resource server can associate theaccess token with the client's public key. Thecnf claimMUSTcontain either the client's RPK or, if the key is already known by theresource server (e.g., from previous communication), a reference tothis key. If the authorization server has no certain knowledge thatthe client's key is already known to the resource server, the client'spublic keyMUST be included in the access token'scnf parameter. IfCBOR web tokens[RFC8392] are used (as recommended in[RFC9200]), keysMUST be encoded as specified in[RFC8747]. A resource serverMUST have the capacity to store oneaccess token for every proof-of-possession key of every authorized client.¶
The raw public key used in the DTLS handshake with the clientMUSTbelong to the resource server. If the resource server has several rawpublic keys, it needs to determine which key to use. The authorizationserver can help with this decision by including acnf parameter inthe access token that is associated with this communication. In thiscase, the resource serverMUST use the information from thecnffield to select the proper keying material.¶
Thus, the handshake only finishes if the client and the resourceserver are able to use their respective keying material.¶
When the client uses pre-shared key authentication, the procedure isas described in the following.¶
To retrieve an access token for the resource that the client wants toaccess, the clientMAY include areq_cnf object carrying an identifierfor a symmetric key in its access token request to the authorizationserver. This identifier can be used by the authorization server todetermine the shared secret to construct the proof-of-possessiontoken. The authorization serverMUST check if the identifier refersto a symmetric key that was previously generated by the authorizationserver as a shared secret for the communication between this clientand the resource server. If no such symmetric key was found, theauthorization serverMUST generate a new symmetric key that isreturned in its response to the client.¶
The authorization serverMUST determine the authorization rules for the client it communicates with, as defined by the resource owner, and generate the access token accordingly. If the authorization server authorizes the client, it returns an AS-to-client response. If theace_profile parameter is present, it is set tocoap_dtls. The authorization serverMUST ascertain that the access token is generated for the resource server that the client wants to communicate with. Also, the authorization serverMUST protect the integrity of the access token to ensure that the resource server can detect unauthorized changes. If the token contains confidential data, such as the symmetric key, the confidentiality of the tokenMUST also be protected. Depending on the requested token type and algorithm in the access token request, the authorization server adds Access Information to the response that provides the client with sufficient information to set up a DTLS channel with the resource server. The authorization server adds acnf parameter to the Access Information carrying aCOSE_Key object that informs the client about the shared secret that is to be used between the client and the resource server. To convey the same secret to the resource server, the authorization server can include it directly in the access token by means of thecnf claim or provide sufficient information to enable the resource server to derive the shared secret from the access token. As an alternative, the resource serverMAY use token introspection to retrieve the keying material for this access token directly from the authorization server.¶
An example access token request for an access token with a symmetricproof-of-possession key is illustrated inFigure 5.¶
POST coaps://as.example.com/token Content-Format: application/ace+cbor Payload: { / audience / 5 : "smokeSensor1807" }A corresponding example access token response is illustrated inFigure 6. In this example, the authorization server returns a2.01 response containing a new access token (truncated to improvereadability) and information for the client, including the symmetrickey in thecnf claim. The information is transferred as a CBOR datastructure as specified in[RFC9200].¶
2.01 Created Content-Format: application/ace+cbor Max-Age: 85800 Payload: { / access_token / 1 : h'd08343a1/... (remainder of CWT omitted for brevity)/', / token_type / 34 : / PoP / 2, / expires_in / 2 : 86400, / ace_profile / 38 : / coap_dtls / 1, / cnf / 8 : { / COSE_Key / 1 : { / kty / 1 : / symmetric / 4, / kid / 2 : h'3d027833fc6267ce', / k / -1 : h'73657373696f6e6b6579' } } }The access token also comprises acnf claim. This claim usuallycontains aCOSE_Key object[RFC8152] that carries either the symmetric keyitself or a key identifier that can be used by the resource server todetermine the secret key it shares with the client. If the accesstoken carries a symmetric key, the access tokenMUST be encryptedusing aCOSE_Encrypt0 structure (seeSection 7.1 of [RFC8392]). Theauthorization serverMUST usethe keying material shared with the resource server to encrypt thetoken.¶
Thecnf structure in the access token is provided inFigure 7.¶
/ cnf / 8 : { / COSE_Key / 1 : { / kty / 1 : / symmetric / 4, / kid / 2 : h'3d027833fc6267ce' }}A response that declines any operation on the requested resource isconstructed according toSection 5.2 of [RFC6749](cf. Section 5.8.3 of [RFC9200]).Figure 8shows an example for a request that has been rejected due to invalidrequest parameters.¶
4.00 Bad Request Content-Format: application/ace+cbor Payload: { / error / 30 : / invalid_request / 1 }The method for how the resource server determines the symmetric keyfrom an access token containing only a key identifier isapplication specific; the remainder of this section provides oneexample.¶
The authorization server and the resource server are assumed to sharea key derivation key used to derive the symmetric key shared with theclient from the key identifier in the access token. The keyderivation key may be derived from some other secret key sharedbetween the authorization server and the resource server. This keyneeds to be securely stored and processed in the same way as the keyused to protect the communication between the authorization server andthe resource server.¶
Knowledge of the symmetric key shared with the client must not revealany information about the key derivation key or other secret keysshared between the authorization server and resource server.¶
In order to generate a new symmetric key to be used by the client andresource server, the authorization server generates a new keyidentifier thatMUST be unique among all key identifiers used by theauthorization server for this resource server. The authorization server then uses the keyderivation key shared with the resource server to derive the symmetrickey, as specified below. Instead of providing the keying material inthe access token, the authorization server includes the key identifierin thekid parameter (seeFigure 7). This key identifier enablesthe resource server to calculate the symmetric key used for thecommunication with the client using the key derivation key and a key derivation function (KDF)to be defined by the application, for example, HKDF-SHA-256. The keyidentifier picked by the authorization serverMUST be unique foreach access token where a unique symmetric key is required.¶
In this example, the HMAC-based key derivation function (HKDF) consists of the composition of the HKDF-Extractand HKDF-Expand steps[RFC5869]. The symmetric key is derived from thekey identifier, the key derivation key, and other data:¶
OKM = HKDF(salt, IKM, info, L),¶
where:¶
info is the serialization of a CBOR array consisting of[RFC8610]:¶
info = [ type : tstr, L : uint, access_token : bytes ]¶
where:¶
All CBOR data types are encoded in CBOR using preferred serialization and deterministic encoding, as specified inSection 4 of [RFC8949]. In particular, this implies that thetype andL components use the minimum length encoding. The content of theaccess_token field is treated as opaque data for the purpose of key derivation.¶
Use of a unique (per-resource-server)kid and the use of a key derivation IKM thatMUST be unique per AS/RS pair, as specified above, will ensure that the derived key is not shared across multiple clients. However, to provide variation in the derived key across different tokens used by the same client, it is additionallyRECOMMENDED to include theiat claim and either theexp orexi claims in the access token.¶
When a client receives an access token response from an authorizationserver, the clientMUST check if the access token response is bound toa certain, previously sent access token request, as the request mayspecify the resource server with which the client wants tocommunicate.¶
The client checks if the payload of the access token response contains anaccess_token parameter and acnf parameter. With this information, the client can initiate the establishment of a new DTLS channel with a resource server. To use DTLS with pre-shared keys, the client follows the PSK key exchange algorithm specified inSection 2 of [RFC4279], using the key conveyed in thecnf parameter of the AS response as a PSK when constructing the premaster secret. To be consistent with the recommendations in[RFC7252], a client in the PSK modeMUST support the cipher suite TLS_PSK_WITH_AES_128_CCM_8[RFC6655].¶
In PreSharedKey mode, the knowledge of the shared secret by the client and the resource server is used for mutual authentication between both peers. Therefore, the resource server must be able to determine the shared secret from the access token. Following the general ACE authorization framework, the client can upload the access token to the resource server's authz-info resource before starting the DTLS handshake. The client then needs to indicate during the DTLS handshake which previously uploaded access token it intends to use. To do so, itMUST create aCOSE_Key structure with thekid that was conveyed in thers_cnf claim in the token response from the authorization server and the key typesymmetric. This structure then is included as the only element in thecnf structure whose CBOR serialization is used as value forpsk_identity, as shown inFigure 9.¶
{ / cnf / 8 : { / COSE_Key / 1 : { / kty / 1 : / symmetric / 4, / kid / 2 : h'3d027833fc6267ce' } }}kid ParameterThe actual CBOR serialization for the data structure fromFigure 9 as a sequence of bytes in hexadecimal notation will be:¶
A1 08 A1 01 A2 01 04 02 48 3D 02 78 33 FC 62 67 CE¶
As an alternative to the access token upload, the client can providethe most recent access token in thepsk_identity field of theClientKeyExchange message. To do so, the clientMUST treat thecontents of theaccess_token field from the AS-to-client response asopaque data, as specified inSection 4.2 of [RFC7925], and not performany recoding. This allows the resource server to retrieve the sharedsecret directly from thecnf claim of the access token.¶
DTLS 1.3[RFC9147] does not use the ClientKeyExchange message; for DTLS 1.3, the access token is placed in theidentity field of aPSKIdentity within thePreSharedKeyExtension of theClientHello.¶
If a resource server receives a ClientKeyExchange message thatcontains apsk_identity with a length greater than zero, itMUSTparse the contents of thepsk_identity field as a CBOR data structureand process the contents as following:¶
cnf field with aCOSE_Key structure withakid, the resource server continues the DTLS handshake with theassociated key that corresponds to this kid.¶If the contents of thepsk_identity do not yield sufficientinformation to select a valid access token for the requesting client,the resource server aborts the DTLS handshake with anillegal_parameter alert.¶
When the resource server receives an access token, itMUST check ifthe access token is still valid, if the resource server is theintended destination (i.e., the audience of the token), and if thetoken was issued by an authorized authorization server. Thisspecification implements access tokens as proof-of-possession tokens.Therefore, the access token is bound to a symmetric PoP keythat is used as a shared secret between the client and the resourceserver. A resource serverMUST have the capacity to store oneaccess token for every proof-of-possession key of every authorized client.The resource server may use token introspection[RFC7662] onthe access token to retrieve more information about the specifictoken. The use of introspection is out of scope for thisspecification.¶
While the client can retrieve the shared secret from the contents ofthecnf parameter in the AS-to-client response, the resource serveruses the information contained in thecnf claim of the access tokento determine the actual secret when no explicitkid was provided inthepsk_identity field. If key derivation is used, thecnf claimMUST contain akid parameter to be used by the server as the IKM forkey derivation, as described above.¶
Once a DTLS channel has been established as described in either Sections3.2or3.3, respectively, the client is authorized to accessresources covered by the access token it has uploaded to theauthz-info resource that is hosted by the resource server.¶
With the successful establishment of the DTLS channel, the client andthe resource server have proven that they can use their respectivekeying material. An access token that is bound to the client's keyingmaterial is associated with the channel. According toSection 5.10.1 of [RFC9200], there should be only one access tokenfor each client. New access tokens issued by the authorization serverSHOULD replace previously issued access tokens for therespective client. The resource server therefore needs a commonunderstanding with the authorization server about how access tokens areordered. The authorization server may, e.g., specify acti claim forthe access token (seeSection 5.9.2 of [RFC9200]) toemploy a strict order.¶
Any request that the resource server receives on a DTLS channel thatis tied to an access token via its keying materialMUST be checked against the authorization rules that can be determinedwith the access token. The resource serverMUST check for every request if the access token is still valid.If the token has expired, the resource serverMUST remove it.Incoming CoAP requests that are not authorized with respectto any access token that is associated with the clientMUST berejected by the resource server with a 4.01 response. The responseSHOULD include AS Request Creation Hints, as described inSection 5.2 of [RFC9200].¶
The resource serverMUST NOT accept an incoming CoAP request asauthorized if any of the following fails:¶
Incoming CoAP requests received on a secure DTLS channel that are not thus authorizedMUST be rejected according toSection 5.10.2 of [RFC9200]:¶
The clientMUST ascertain that its keying material is still validbefore sending a request or processing a response. If the clientrecently has updated the access token (seeSection 4), it must beprepared that its request is still handled according to the previousauthorization rules, as there is no strict ordering between accesstoken uploads and resource access messages. See alsoSection 7.2 for a discussion of access tokenprocessing.¶
If the client gets an error responsecontaining AS Request Creation Hints (cf. Section 5.3 of [RFC9200])as a response to its requests, itSHOULD request a new access token fromthe authorization server in order to continue communication with theresource server.¶
Unauthorized requests that have been received over a DTLS sessionSHOULD be treated as nonfatal by the resource server, i.e., the DTLSsessionSHOULD be kept alive until the associated access token hasexpired.¶
Resource servers must only use a new access token to update theauthorization information for a DTLS session if the keying materialthat is bound to the token is the same that was used in the DTLShandshake. By associating the access tokens with the identifier of anexisting DTLS session, the authorization information can be updatedwithout changing the cryptographic keys for the DTLS communicationbetween the client and the resource server, i.e., an existing sessioncan be used with updated permissions.¶
The client can therefore update the authorization information stored at theresource server at any time without changing an established DTLSsession. To do so, the client requests anew access token from the authorization server for the intended action on the respective resourceand uploads this access token to the authz-info resource on theresource server.¶
Figure 10 depicts the message flow where the client requestsa new access token after a security association between the client andthe resource server has been established using this protocol. If theclient wants to update the authorization information, the tokenrequestMUST specify the key identifier of the proof-of-possession keyused for the existing DTLS channel between the client and the resourceserver in thekid parameter of the client-to-AS request. Theauthorization serverMUST verify that the specifiedkid denotes avalid verifier for a proof-of-possession token that has previouslybeen issued to the requesting client. Otherwise, the client-to-ASrequestMUST be declined with the error codeunsupported_pop_key, asdefined inSection 5.8.3 of [RFC9200].¶
When the authorization server issues a new access token to updateexisting authorization information, itMUST include the specifiedkidparameter in this access token. A resource serverMUST replace theauthorization information of any existing DTLS session that is identifiedby this key identifier with the updated authorization information.¶
C RS AS | <===== DTLS channel =====> | | | + Access Token | | | | | | --- Token Request ----------------------------> | | | | | <---------------------------- New Access Token - | | + Access Information | | | | | --- Update /authz-info --> | | | New Access Token | | | | | | == Authorized Request ===> | | | | | | <=== Protected Resource == | |
The resource serverMUST delete access tokens that are no longer valid. DTLS associations that have been set up in accordance with this profile are always tied to specific tokens (which may be exchanged with a dynamic update, as described inSection 4). As tokens may become invalid at any time (e.g., because they have expired), the association may become useless at some point. A resource server thereforeMUST terminate existing DTLS association after the last access token associated with this association has expired.¶
As specified inSection 5.10.3 of [RFC9200],the resource serverMUST notify the client with an error response withcode 4.01 (Unauthorized) for any long-running request beforeterminating the association.¶
As specified in the ACE framework (Sections5.8 and5.9 of[RFC9200]), the requesting entity (the resourceserver and/or the client) and the authorization server communicate viathe token endpoint or introspection endpoint. The use of CoAP andDTLS for this communication isRECOMMENDED in this profile. Otherprotocols fulfilling the security requirements defined inSection 5 of [RFC9200]MAY be used instead.¶
How credentials (e.g., PSK, RPK, X.509 cert) for using DTLS with theauthorization server are established is out of scope for this profile.¶
If other means of securing the communication with the authorizationserver are used, the communication security requirements fromSection 6.2 of [RFC9200] remain applicable.¶
This document specifies a profile for the Authentication andAuthorization for Constrained Environments (ACE) framework[RFC9200]. As it follows this framework's generalapproach, the general security considerations fromSection 6 of [RFC9200] also apply to this profile.¶
The authorization server must ascertain that the keying material forthe client that it provides to the resource server actually isassociated with this client. Malicious clients may hand over accesstokens containing their own access permissions to other entities. Thisproblem cannot be completely eliminated. Nevertheless, in RPK mode, itshould not be possible for clients to request access tokens forarbitrary public keys; if the client can cause the authorizationserver to issue a token for a public key without proving possession ofthe corresponding private key, this allows for identity misbindingattacks, where the issued token is usable by an entity other than theintended one. At some point, the authorization server therefore needsto validate that the client can actually use the private keycorresponding to the client's public key.¶
When using pre-shared keys provisioned by the authorization server,the security level depends on the randomness of PSKs and the securityof the TLS cipher suite and key exchange algorithm. As thisspecification targets constrained environments, message payloadsexchanged between the client and the resource server are expected tobe small and rare. CoAP[RFC7252] mandates the implementation ofcipher suites with abbreviated, 8-byte tags for message integrityprotection. For consistency, this profile requires implementation ofthe same cipher suites. For application scenarios where the cost offull-width authentication tags is low compared to the overall amountof data being transmitted, the use of cipher suites with 16-byteintegrity protection tags is preferred.¶
The PSK mode of this profile offers a distribution mechanism to convey authorization tokens together with a shared secret to a client and a server. As this specification aims at constrained devices and uses CoAP[RFC7252] as the transfer protocol, at least the cipher suite TLS_PSK_WITH_AES_128_CCM_8[RFC6655] should be supported. The access tokens and the corresponding shared secrets generated by the authorization server are expected to be sufficiently short-lived to provide similar forward-secrecy properties to using ephemeral Diffie-Hellman (DHE) key exchange mechanisms. For longer-lived access tokens, DHE cipher suites should be used, i.e., cipher suites of the form TLS_DHE_PSK_* or TLS_ECDHE_PSK_*.¶
Constrained devices that use DTLS[RFC6347][RFC9147] are inherentlyvulnerable to Denial of Service (DoS) attacks, as the handshakeprotocol requires creation of internal state within the device. Thisis specifically of concern where an adversary is able to intercept theinitial cookie exchange and interject forged messages with a validcookie to continue with the handshake. A similar issue exists with theunprotected authorization information endpoint when the resourceserver needs to keep valid access tokens for a long time. Adversariescould fill up the constrained resource server's internal storage for avery long time with intercepted or otherwise retrieved valid accesstokens. To mitigate against this, the resource server should set atime boundary until an access token that has not been used until thenwill be deleted.¶
The protection of access tokens that are stored in the authorizationinformation endpoint depends on the keying material that is used betweenthe authorization server and the resource server; the resource servermust ensure that it processes only access tokens that are integrity protected (and encrypted) by an authorization server that is authorizedto provide access tokens for the resource server.¶
To avoid the overhead of a repeated DTLS handshake,[RFC7925] recommendssession resumption[RFC8446] to reuse session state froman earlier DTLS association and thus requires client-sideimplementation. In this specification, the DTLS session is subject tothe authorization rules denoted by the access token that was used forthe initial setup of the DTLS association. Enabling session resumptionwould require the server to transfer the authorization informationwith the session state in an encrypted SessionTicket to theclient. Assuming that the server uses long-lived keying material, thiscould open up attacks due to the lack of forward secrecy. Moreover,using this mechanism, a client can resume a DTLS session withoutproving the possession of the PoP key again. Therefore, sessionresumption should be used only in combination with reasonablyshort-lived PoP keys.¶
Since renegotiation of DTLS associations is prone to attacks as well,[RFC7925] requires that clients decline any renegotiation attempt. A server that wants to initiate rekeying thereforeSHOULD periodically force a full handshake.¶
ImplementersSHOULD avoid using multiple access tokens for aclient (see alsoSection 5.10.1 of [RFC9200]).¶
Even when a single access token per client is used, an attacker couldcompromise the dynamic update mechanism for existing DTLS connectionsby delaying or reordering packets destined for the authz-infoendpoint. Thus, the order in which operations occur at the resourceserver (and thus which authorization info is used to process a givenclient request) cannot be guaranteed. Especially in the presence oflater-issued access tokens that reduce the client's permissions fromthe initial access token, it is impossible to guarantee that thereduction in authorization will take effect prior to the expiration ofthe original token.¶
To communicate securely, the authorization server, the client, and theresource server require certain information that must be exchangedoutside the protocol flow described in this document. Theauthorization server must have obtained authorization informationconcerning the client and the resource server that is approved by theresource owner, as well as corresponding keying material. The resourceserver must have received authorization information approved by theresource owner concerning its authorization managers and therespective keying material. The client must have obtainedauthorization information concerning the authorization server approvedby its owner, as well as the corresponding keying material. Also, theclient's owner must have approved of the client's communication withthe resource server. The client and the authorization server must haveobtained a common understanding about how this resource server is identifiedto ensure that the client obtains access tokens and keying material forthe correct resource server. If the client is provided with a rawpublic key for the resource server, it must be ascertained to whichresource server (which identifier and authorization information) thekey is associated. All authorization information and keying materialmust be kept up to date.¶
This privacy considerations fromSection 7 of [RFC9200] apply also to this profile.¶
An unprotected response to an unauthorized request may discloseinformation about the resource server and/or its existing relationshipwith the client. It is advisable to include as little information aspossible in an unencrypted response. When a DTLS session between an authenticatedclient and the resource server already exists, more detailedinformationMAY be included with an error response to provide theclient with sufficient information to react on that particular error.¶
Also, unprotected requests to the resource server may revealinformation about the client, e.g., which resources the clientattempts to request or the data that the client wants to provide tothe resource server. The clientSHOULD NOT send confidential data inan unprotected request.¶
Note that some information might still leak after the DTLS session isestablished, due to observable message sizes, the source, and thedestination addresses.¶
The following registration has been made in the "ACE Profiles"registry, following the procedure specified in[RFC9200].¶
Special thanks toJim Schaad for his contributions and reviews of thisdocument and toBen Kaduk for his thorough reviews of thisdocument. Thanks also toPaul Kyzivat for his review. The authors alsowould like to thankMarco Tiloca for his contributions.¶
Ludwig Seitz worked on this document as part of the CelticNextprojects CyberWI and CRITISEC with funding from Vinnova.¶