The IESG has received a request from the Constrained RESTful Environments WG (core) to consider the following document: - 'Object Security for Constrained RESTful Environments (OSCORE)' <draft-ietf-core-object-security-13.txt> as Proposed Standard This is the Second IETF Last Call on the document, as the document has changed significantly after IESG review and IETF community should be given a change to review the changes. In particular interested readers should review updated Section 11 (HTTP Operations) and newly added Appendix D (Overview of Security Properties). The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2018-07-30. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines Object Security for Constrained RESTful Environments (OSCORE), a method for application-layer protection of the Constrained Application Protocol (CoAP), using CBOR Object Signing and Encryption (COSE). OSCORE provides end-to-end protection between endpoints communicating using CoAP or CoAP-mappable HTTP. OSCORE is designed for constrained nodes and networks supporting a range of proxy operations, including translation between different transport protocols. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-core-object-security/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-core-object-security/ballot/ No IPR declarations have been submitted directly on this I-D.
