Hi all!
I have updated the EAP-NOOB draft. Here is a summary of the changes:

* The major change was to add a separate request-response pair for communicating the PeerId and peer state to the server, instead of overloading the NAI. This is in conformance with RFC 3748 section 5.1: the NAI is now used only for routing the EAP requests and for selecting the method, and the method-specific peer identifier is communicated inside the method. (Note that the example messages in the appendix have not yet been updated.)

* Rolled back a change introduced in the previous version: the Kz identifier. While this could make implementation slightly easier, it conflicted with a potential future privacy extension where the PeerId is re-randomized periodically.

* Refactored the text so that the initial handshake part of the exchanges, which is common to all exchanges, is described in its own section. This change is in response to questions from implementors. The text now follows more closely what I expect to be the server logic in a typical implementation.

There were also other smaller editorial clarifications, e.g. when to start using the server-assigned realm.

Regards,
Tuomas

-----Original Message-----
From: internet-dra...@ietf.org <internet-dra...@ietf.org>
Sent: Wednesday, July 3, 2019 3:47 PM
To: Mohit Sethi <mo...@piuha.net>; Aura Tuomas <tuomas.a...@aalto.fi>
Subject: New Version Notification for draft-aura-eap-noob-06.txt

A new version of I-D, draft-aura-eap-noob-06.txt has been successfully submitted by Tuomas Aura and posted to the IETF repository.

Name: draft-aura-eap-noob
Revision: 06
Title: Nimble out-of-band authentication for EAP (EAP-NOOB)
Document date: 2019-07-03
Group: Individual Submission
Pages: 62
URL: https://www.ietf.org/internet-drafts/draft-aura-eap-noob-06.txt
Status: https://datatracker.ietf.org/doc/draft-aura-eap-noob/
Htmlized: https://tools.ietf.org/html/draft-aura-eap-noob-06
Htmlized: https://datatracker.ietf.org/doc/html/draft-aura-eap-noob
Diff: https://www.ietf.org/rfcdiff?url2=draft-aura-eap-noob-06

Abstract:
Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. This EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have a minimal user interface and no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB channel between the peer device and authentication server.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu