Open Cloud Mesh (ocm) Internet Drafts


      
 Open Cloud Mesh
 
 draft-ietf-ocm-open-cloud-mesh-00.txt
 Date: 25/11/2025
 Authors: Giuseppe Presti, Michiel de Jong, Mahdi Baghbani, Micke Nordin
 Working Group: Open Cloud Mesh (ocm)
Open Cloud Mesh (OCM) is a server federation protocol that is used to notify a Receiving Party that they have been granted access to some Resource. It has similarities with authorization flows such as OAuth, as well as with social internet protocols such as ActivityPub and email. A core use case of OCM is when a user (e.g., Alice on System A) wishes to share a resource (e.g., a file) with another user (e.g., Bob on System B) without transferring the resource itself or requiring Bob to log in to System A. While this scenario is illustrative, OCM is designed to support a broader range of interactions, including but not limited to file transfers. Open Cloud Mesh handles interactions only up to the point where the Receiving Party is informed of their access to the Resource. Actual Resource access is subsequently managed by other protocols, such as WebDAV.



Open Cloud Mesh (ocm)

WG Name: Open Cloud Mesh
Acronym: ocm
Area: Applications and Real-Time Area (art)
State: Active
Charter: charter-ietf-ocm-01 (Approved)
Personnel:
  Chairs: Lisa M. Dusseault, Thibault Meunier
  Area Director: Andy Newton
Mailing list:
  Address: ocm@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/ocm
  Archive: https://mailarchive.ietf.org/arch/browse/ocm/
Chat:
  Room address: https://zulip.ietf.org/#narrow/stream/ocm

Charter for Working Group

Introduction & Background

Open Cloud Mesh (OCM) is a server-to-server protocol designed to enable
federation between Enterprise File Sync and Share (EFSS) platforms.
Initially conceived of in 2015 and deployed since 2016, OCM has been
implemented by several platforms. This working group seeks to formally
specify OCM.

A core use case of OCM is when a user with file-sharing functionality
within one administrative domain wishes to provide file access to a
user in another administrative domain without transferring the resource itself.
When many administrative domains are involved (e.g., many universities
and research centers with cross-collaboration) it becomes hard to allow
users to log into each other's administrative domains. Instead, a
federated system has been built to allow servers in one domain to
connect to trusted servers in other domains and make shared data
available to their own logged-in users.

OCM defines the exchange up to the point where other established
protocols such as WebDAV or JMAP can take over. This layered design
makes OCM agnostic to the underlying data exchange
mechanisms, enabling seamless integration between diverse systems.

The OCM specification has now grown
to a level of maturity where it will be useful to converge on a set of
features in a stable specification for vendors to target.

The architectural context for OCM is therefore federated servers already
providing an interoperable interface within their individual contexts,
but requiring share mechanisms that cross administrative boundaries, using
pre-existing trust mechanisms.

Scope

The OCM WG will produce Standards Track specification(s)
for OCM's share/invite functionality. With these
specifications the WG will:

  • Cover general flows and structure of the protocol,
  • Define extensible data models for objects conveyed in the protocol,
  • Explain trust decisions and how trust can be established before
    resources can be securely shared,
  • Describe server-to-server invitations,
  • Describe requirements around sending and receiving shares,
  • Describe requirements for managing active shares,
  • Consider whether operations, management or scaling of OCM servers
    requires any requirements or recommendations,
  • Consider extensibility in the protocol, data model and discovery
    mechanisms,
  • Develop security considerations.

The working group will not define new data transfer protocols or
mechanisms unrelated to server-to-server federation and metadata
exchange. Instead, established protocols such as WebDAV will be used
for actual data transfer.

OCM does not aim to address identity federation (e.g., OIDC or SAML);
rather, it leverages existing protocols for identity and authentication
where appropriate. OCM also does not propose to create interoperable
protocol flows to establish trust relationships where there are none
before; instead the WG will explain how trust relationships set up
out-of-band (e.g., configuration of server settings or allow lists)
are required for secure sharing.

OCM is not a user-oriented messaging or social media
protocol like ActivityPub or Matrix federation, but addresses
different use cases focused on content federation and metadata
exchange.

Deliverables

  • One specification or family of specifications that describes
    OCM Invite/Share functionality and associated considerations such as
    operational and security considerations.

Milestones

Date      Milestone                                               Associated documents
Dec 2026  Request publication of the specification(s) for OCM.