Hi folks
We have submitted a new version of our draft titled “Nimble out-of-band
authentication for EAP (EAP-NOOB)”.
The draft defines an EAP method where the authentication is based on a
user-assisted out-of-band (OOB) channel between the server and peer. It
is intended as a generic bootstrapping solution for Internet-of-Things
devices which have no pre-configured authentication credentials and
which are not yet registered on the authentication server. Consider
devices you just bought or borrowed.
For one application example, we are currently using this protocol for
bootstrapping security for ubiquitous displays: the user can configure
wireless network access, link the device to a cloud service, and
register ownership of the device for a specific cloud user – all in one
simple step of scanning a QR code with a smart phone. EAP-NOOB relies on
server-assigned random identifiers instead of hard-coded ones, which
makes it privacy-friendly.
The draft has undergone a major revision based on implementation
experience. For example, the new version has improved cryptoagility, and
refined the error handling and timeouts. The updated draft is available
here:
https://tools.ietf.org/html/draft-aura-eap-noob-02
A complete list of updates can be found in the version history in the
appendix of the draft.
The open source implementation can be tracked here:
https://github.com/tuomaura/eap-noob
We look forward to your feedback and comments here or on the SAAG
mailing list.
--Mohit
-------- Forwarded Message --------
Subject: New Version Notification for draft-aura-eap-noob-02.txt
Date: Thu, 25 May 2017 12:52:46 -0700
From: internet-dra...@ietf.org
To: Tuomas Aura <tuomas.a...@aalto.fi>, Mohit Sethi <mo...@piuha.net>
A new version of I-D, draft-aura-eap-noob-02.txt
has been successfully submitted by Mohit Sethi and posted to the
IETF repository.
Name: draft-aura-eap-noob
Revision: 02
Title: Nimble out-of-band authentication for EAP (EAP-NOOB)
Document date: 2017-05-24
Group: Individual Submission
Pages: 47
URL: https://www.ietf.org/internet-drafts/draft-aura-eap-noob-02.txt
Status: https://datatracker.ietf.org/doc/draft-aura-eap-noob/
Htmlized: https://tools.ietf.org/html/draft-aura-eap-noob-02
Htmlized: https://datatracker.ietf.org/doc/html/draft-aura-eap-noob-02
Diff: https://www.ietf.org/rfcdiff?url2=draft-aura-eap-noob-02
Abstract:
Extensible Authentication Protocol (EAP) provides support for
multiple authentication methods. This document defines the EAP-NOOB
authentication method for nimble out-of-band (OOB) authentication and
key derivation. This EAP method is intended for bootstrapping all
kinds of Internet-of-Things (IoT) devices that have a minimal user
interface and no pre-configured authentication credentials. The
method makes use of a user-assisted one-directional OOB channel
between the peer device and authentication server.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat