RFC 9140

Nimble Out-of-Band Authentication for EAP (EAP-NOOB), December 2021

File formats: HTML, text, PDF, XML

Status: PROPOSED STANDARD

Authors: T. Aura, M. Sethi, A. Peltonen

Stream: IETF

Source: emu (sec)


DOI:  10.17487/RFC9140

Discuss this RFC: Send questions or comments to emu@ietf.org



Abstract

The Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no preconfigured authentication credentials. The method makes use of a user-assisted, one-directional, out-of-band (OOB) message between the peer device and authentication server to authenticate the in-band key exchange. The device must have a nonnetwork input or output interface, such as a display, microphone, speaker, or blinking light, that can send or receive dynamically generated messages of tens of bytes in length.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.