File formats:

Also available: XML file for editing

 

Status:

PROPOSED STANDARD

Authors:

R. Marin-Lopez
D. Garcia-Carrillo

Stream:

IETF

Source:

ace (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9820

Discuss this RFC: Send questions or comments to the mailing list ace@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9820

Abstract

This document specifies an authentication service that uses the Constrained Application Protocol (CoAP) as a transport method to carry the Extensible Authentication Protocol (EAP). As such, it defines an EAP lower layer based on CoAP called "CoAP-EAP". One of the main goals is to authenticate a CoAP-enabled Internet of Things (IoT) device (EAP peer) that intends to join a security domain managed by a Controller (EAP authenticator). Secondly, it allows deriving key material to protect CoAP messages exchanged between them based on Object Security for Constrained RESTful Environments (OSCORE), enabling the establishment of a security association between them.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.