{
  "draft": "draft-ietf-emu-eap-noob-06",
  "doc_id": "RFC9140",
  "title": "Nimble Out-of-Band Authentication for EAP (EAP-NOOB)",
  "authors": [
    "T. Aura",
    "M. Sethi",
    "A. Peltonen"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "51",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "EAP Method Update",
  "abstract": "The Extensible Authentication Protocol (EAP) provides support for multiple authentication methods.  This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation.  The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no preconfigured authentication credentials.  The method makes use of a user-assisted, one-directional, out-of-band (OOB) message between the peer device and authentication server to authenticate the in-band key exchange.  The device must have a nonnetwork input or output interface, such as a display, microphone, speaker, or blinking light, that can send or receive dynamically generated messages of tens of bytes in length.",
  "pub_date": "December 2021",
  "keywords": [
    "IoT security",
    "cybersecurity",
    "network access authorization",
    "Extensible Authentication Protocol",
    "key exchange"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [
    "RFC9965"
  ],
  "see_also": [],
  "doi": "10.17487/RFC9140",
  "errata_url": null
}