**Session Date/Time:** 19 Dec 2022 14:00

# [ACE](../wg/ace.html)

## Summary

The ACE Working Group met to discuss the status and progress of four drafts: `draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore`, `draft-ietf-ace-groupcomm`, `draft-ietf-ace-groupcomm-oscore`, and `draft-ietf-ace-remote-token-notification`. Key discussions centered on simplifying the `groupcomm-oscore-pubsub` draft by focusing on CoAP, the impending AD review for the `groupcomm` drafts and their clustered publication strategy, and the `remote-token-notification` draft's readiness for Working Group Last Call. The `edoc` draft discussion was postponed due to time constraints.

## Key Discussion Points

* **`draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore-05` (Group Communication for PubSub)**
    * The draft, revived and updated to align with `groupcomm` requirements, has expanded its scope significantly to cover various KDC interface elements, resource operations, and group operations (clearing, credential updates, removal, re-keying).
    * A major change involved questioning the inclusion of MQTT support due to the perceived complexity for a single client needing to implement multiple protocols: HTTP for the MQTT-TLS profile (for ACE transport), CoAP for KDC interaction, and MQTT for pub/sub communication.
    * A sense of those present indicated support for focusing the draft on CoAP for now, with the possibility of developing a separate MQTT-specific profile in the future. This approach simplifies the current document.
    * The document's dependence on the `CoAP PubSub` draft was noted, and authors for that draft are actively working on a revival.
    * The author, Sigdem, requested assistance, particularly from individuals familiar with CoAP PubSub, to review and guide decisions on acceptable algorithms, authentication credentials, group key generation, and policy resources that the KDC should host.
    * Marco offered to assist with reviewing key usage and alignment with `groupcomm` requirements, suggesting a targeted telecon. He also advised on adopting methods from `groupcomm-oscore` for KDC challenges in DTLS profiles and registering a CoAP content format for the AIF data model.
    * The author indicated that the draft is not yet ready for a Working Group Last Call due to outstanding technical clarification needs.
* **`draft-ietf-ace-groupcomm-15` (Group Communication for CoAP)**
    * This draft is currently undergoing AD review.
    * A GitHub issue was raised, proposing to relax a `MUST` requirement regarding a parameter's inclusion in the KDC's joining response to a `SHOULD`, with clarifying text for specific use cases (e.g., for pub/sub profiles).
    * The author, Marco, plans to incorporate this change during the processing of the AD's review comments, rather than submitting a new revision now, to avoid confusion.
* **`draft-ietf-ace-groupcomm-oscore-15` (Group Communication OSCORE Profile)**
    * The draft is awaiting the Shepherd's write-up (Record is the Shepherd).
    * Minor issues were identified: map keys in an example figure should use double quotes, and clarification is needed that map keys are text strings for convenience but are intended to be CBOR integer abbreviations. These will be addressed in the next revision.
    * The publication strategy for this document, alongside `groupcomm` and two other CoRE documents, was discussed. There is a desire to cluster their publication for IESG convenience. Coordination between ACE and CoRE WG chairs and relevant ADs will be necessary.
* **`draft-ietf-ace-remote-token-notification-03`**
    * This draft defines a mechanism for clients and resource servers to receive notifications about revoked but not-yet-expired access tokens from the Authorization Server (AS), complementing introspection.
    * The draft supports two modes: obtaining a full list of revoked tokens, and a "diff query" mode for updates, which now includes an optional `cursor` extension for fetching updates from a specified resumption point.
    * Recent revisions have streamlined the `cursor` extension and standardized AS messages to use CBOR maps as payloads.
    * Remaining work includes adding examples for the `cursor` extension, summarizing parameters in an appendix, and adding security considerations.
    * The author, Marco, is confident that a new revision (04) addressing these points could be ready for a Working Group Last Call by the Yokohama meeting.
* **`draft-ietf-ace-edoc`**
    * Discussion of this draft was postponed to the next interim meeting due to time constraints.

## Decisions and Action Items

* **`draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore`**:
    * **Decision:** The draft will focus on CoAP as the primary pub/sub protocol, with MQTT support potentially deferred to a separate profile in the future.
    * **Action Item (Sigdem):** Work with Marco on the draft, focusing on key usage, `groupcomm` alignment, authentication credentials, and group key construction.
    * **Action Item (Sigdem):** Consider Marco's suggestions regarding KDC challenge methods (referencing `groupcomm-oscore`) and registering a CoAP content format for the AIF data model.
    * **Action Item (Chairs):** Explore organizing a design team meeting (involving Sigdem, Francesca, Marco, and other interested parties) to broaden input and accelerate progress.
    * **Action Item (Daniel):** Identify additional resources for the draft if collaboration between Sigdem and Marco requires further support.
* **`draft-ietf-ace-groupcomm`**:
    * **Action Item (Marco):** Incorporate the proposed text (relaxing a `MUST` to a `SHOULD`) from the GitHub issue during the processing of the AD review comments.
* **`draft-ietf-ace-groupcomm-oscore`**:
    * **Action Item (Marco):** Fix map key notation and add clarification about CBOR integer abbreviations when processing the Shepherd review for version 16.
* **`draft-ietf-ace-remote-token-notification`**:
    * **Action Item (Marco):** Add example message exchanges for the `diff query` mode with `cursor` extension, include an appendix summarizing parameters/constants, and expand the security considerations for revision 04.
* **Cross-WG Cluster Publication**:
    * **Action Item (ACE Chair):** Send a heads-up to the relevant ADs (ACE and CoRE) and CoRE Working Group chairs regarding the proposed cluster publication strategy for `groupcomm-oscore`, `groupcomm`, and two other CoRE documents, especially once the Shepherd review for `groupcomm-oscore` is addressed. This should include discussion of a single AD potentially handling the entire cluster.

## Next Steps

* Sigdem and Marco will collaborate to advance `draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore`, with a potential design team meeting for broader input.
* Marco will proceed with updates for `draft-ietf-ace-groupcomm` and `draft-ietf-ace-groupcomm-oscore` based on AD and Shepherd reviews, respectively.
* Marco will finalize `draft-ietf-ace-remote-token-notification` for a potential Working Group Last Call.
* The ACE Chair will initiate coordination with CoRE WG chairs and ADs regarding the clustered publication strategy.
* Discussion on `draft-ietf-ace-edoc` is deferred to the next interim meeting.