Search RFCs
RFC 9140
Nimble Out-of-Band Authentication for EAP (EAP-NOOB),December 2021
- File formats:
- Also available:XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- T. Aura
M. Sethi
A. Peltonen - Stream:
- IETF
- Source:
- emu (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9140
Discuss this RFC: Send questions or comments to the mailing listemu@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9140
Abstract
The Extensible Authentication Protocol (EAP) provides support formultiple authentication methods. This document defines the EAP-NOOBauthentication method for nimble out-of-band (OOB) authentication andkey derivation. The EAP method is intended for bootstrapping allkinds of Internet-of-Things (IoT) devices that have no preconfiguredauthentication credentials. The method makes use of a user-assisted,one-directional, out-of-band (OOB) message between the peer deviceand authentication server to authenticate the in-band key exchange.The device must have a nonnetwork input or output interface, such asa display, microphone, speaker, or blinking light, that can send orreceive dynamically generated messages of tens of bytes in length.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.