The IESG has approved the following document: - 'Nimble out-of-band authentication for EAP (EAP-NOOB)' (draft-ietf-emu-eap-noob-06.txt) as Proposed Standard
This document is the product of the EAP Method Update Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-emu-eap-noob/ Technical Summary The Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB message between the peer device and authentication server to authenticate the in-band key exchange. The device must have an input or output interface, such as a display, microphone, speaker or blinking light, which can send or receive dynamically generated messages of tens of bytes in length. Working Group Summary The document received a detailed early IoT directorate review. Document Quality At least three public implementations of the protocol are available: 1. wpa_supplicant - https://github.com/tuomaura/eap-noob 2. contiki - https://github.com/eduingles/coap-eap-noob 3. hostap - https://github.com/Vogeltak/hostap The protocol has security proofs: 1. Proverif: https://github.com/tuomaura/eap-noob/tree/master/protocolmodel/proverif 2. mcrl2: https://github.com/tuomaura/eap-noob/tree/master/protocolmodel/mcrl2 Personnel Document Shepherd - Joe Salowey Responsible AD - Roman Danyliw _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu