you gave the standards references but I think that is not sufficient. I have a T2TRG draft: https://datatracker.ietf.org/doc/draft-irtf-t2trg-security-setup-iot-devices/ <https://datatracker.ietf.org/doc/draft-irtf-t2trg-security-setup-iot-devices/> which has a short description of FIDO which is pretty complicated by itself.
Thanks for the comments. Adding text about FIDO is definitely needed and still a TODO.For this first I-D version I just wanted to have a spec of the protocol as starting point for discussions. I'll look into your I-D and the next I-D version should have at least a basic description of what FIDO is.
- My second concern is the use of AAA for IoT devices. I mentioned this before on some other EMU draft. I believe that AAA will not work with IoT. The way AAA servers function it will not be scalable to the billions of IoT devices expected to be deployed.
I don't understand what you mean by that.IoT is not a primary focus of this draft, so I haven't put much thought into high scalability for billions of devices.
And to me it sounds more like "EAP is not the right thing for IoT" rather than "EAP-FIDO is not the right thing for IoT"
I will definitely look into the FIDO Device Onboarding specification to see if this can help make EAP-FIDO more IoT compatible.
Cheers, Janfred -- Herr Jan-Frederik Rieckers Security, Trust & Identity Services E-Mail: rieck...@dfn.de | Fon: +49 30884299-339 | Fax: +49 30884299-370 Pronomen: er/sein | Pronouns: he/him __________________________________________________________________________________DFN - Deutsches Forschungsnetz | German National Research and Education Network
Verein zur Förderung eines Deutschen Forschungsnetzes e.V. Alexanderplatz 1 | 10178 Berlin www.dfn.deVorstand: Prof. Dr. Odej Kao (Vorsitzender) | Dr. Rainer Bockholt | Christian Zens
Geschäftsführung: Dr. Christian Grimm | Jochem Pattloch VR AG Charlottenburg 7729B | USt.-ID. DE 1366/23822
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu