Dear all,
We have submitted a new version of our draft titled "Nimble out-of-band authentication for EAP (EAP-NOOB)": https://tools.ietf.org/html/draft-aura-eap-noob-04 The draft defines an EAP method where the authentication is based on a user-assisted out-of-band (OOB) channel between the server and peer. It is intended as a generic bootstrapping solution for Internet-of-Things devices which have no pre-configured authentication credentials and which are not yet registered on the authentication server. What is new in version -04? Since the previous version, we have done extensive modeling and verification of the protocol and worked to resolve some discovered issues. We especially looked for denial-of-service conditions that may arise from dropped messages and other protocol failures, which both could be caused a network attacker. Based on this analysis, we have rethought the recovery from dropped final messages. The error handling still needs some attention. In any case, the specification is a pretty good shape and ready for anyone to review. The open-source implementation and the mCRL2 formal model are still based on the previous version but work is ongoing to update them: https://github.com/tuomaura/eap-noob Emu is the working group that closest matches our spec. Thus, we look forward to your feedback and comments here or in the wg meeting in a couple of weeks. Regards, Tuomas -----Original Message----- From: internet-dra...@ietf.org <internet-dra...@ietf.org> Sent: Monday, 22 October, 2018 20:50 To: Mohit Sethi <mo...@piuha.net>; Aura Tuomas <tuomas.a...@aalto.fi> Subject: New Version Notification for draft-aura-eap-noob-04.txt A new version of I-D, draft-aura-eap-noob-04.txt has been successfully submitted by Tuomas Aura and posted to the IETF repository. Name: draft-aura-eap-noob Revision: 04 Title: Nimble out-of-band authentication for EAP (EAP-NOOB) Document date: 2018-10-22 Group: Individual Submission Pages: 58 URL: https://www.ietf.org/internet-drafts/draft-aura-eap-noob-04..txt Status: https://datatracker.ietf.org/doc/draft-aura-eap-noob/ Htmlized: https://tools.ietf.org/html/draft-aura-eap-noob-04 Htmlized: https://datatracker.ietf.org/doc/html/draft-aura-eap-noob Diff: https://www.ietf.org/rfcdiff?url2=draft-aura-eap-noob-04 Abstract: Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. This EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have a minimal user interface and no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB channel between the peer device and authentication server. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
