{"draft":"draft-ietf-emu-eap-noob-06","doc_id":"RFC9140","title":"Nimble Out-of-Band Authentication for EAP (EAP-NOOB)","authors":["T. Aura","M. Sethi","A. Peltonen"],"format":["HTML","TEXT","PDF","XML"],"page_count":"51","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"EAP Method Update","abstract":"The Extensible Authentication Protocol (EAP) provides support for\r\nmultiple authentication methods. This document defines the EAP-NOOB\r\nauthentication method for nimble out-of-band (OOB) authentication and\r\nkey derivation. The EAP method is intended for bootstrapping all\r\nkinds of Internet-of-Things (IoT) devices that have no preconfigured\r\nauthentication credentials. The method makes use of a user-assisted,\r\none-directional, out-of-band (OOB) message between the peer device\r\nand authentication server to authenticate the in-band key exchange.\r\nThe device must have a nonnetwork input or output interface, such as\r\na display, microphone, speaker, or blinking light, that can send or\r\nreceive dynamically generated messages of tens of bytes in length.","pub_date":"December 2021","keywords":["IoT security","cybersecurity","network access authorization","Extensible Authentication Protocol","key exchange"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9140","errata_url":null}