Sorry about the notes left at the bottom. Enviado desde mi iPhone
> El 31 oct 2018, a las 10:01, Dan García Carrillo <dan.gar...@um.es> escribió: > > Hi Tuomas, > > This is an interesting work. > > We have been investigating how to send EAP over the CoAP protocol > specifically thinking of IoT devices > (https://tools.ietf.org/html/draft-marin-ace-wg-coap-eap-06).. Being an EAP > lower layer, CoAP-EAP is agnostic to any EAP method. From what I see, > EAP-NOOB seems to be an interesting proposal for authentication of IoT > devices, since there is no pre-provisioning or credentials or identities. > Because EAP-NOOB does not require large messages, causing fragmentation, it > could be integrated in a real scenario using CoAP-EAP as EAP lower layer. > > Best Regards, > Dan. > > > that goes hand-in-hand with an EAP Lower Layer that we have proposed in > > >> El 24 oct 2018, a las 19:47, Aura Tuomas <tuomas.a...@aalto.fi> escribió: >> >> Dear all, >> >> We have submitted a new version of our draft titled “Nimble out-of-band >> authentication for EAP (EAP-NOOB)”: >> >> https://tools.ietf.org/html/draft-aura-eap-noob-04 >> >> The draft defines an EAP method where the authentication is based on a >> user-assisted out-of-band (OOB) channel between the server and peer. It is >> intended as a generic bootstrapping solution for Internet-of-Things devices >> which have no pre-configured authentication credentials and which are not >> yet registered on the authentication server. >> >> What is new in version -04? Since the previous version, we have done >> extensive modeling and verification of the protocol and worked to resolve >> some discovered issues. We especially looked for denial-of-service >> conditions that may arise from dropped messages and other protocol failures, >> which both could be caused a network attacker. Based on this analysis, we >> have rethought the recovery from dropped final messages. The error handling >> still needs some attention. In any case, the specification is a pretty good >> shape and ready for anyone to review. >> >> The open-source implementation and the mCRL2 formal model are still based on >> the previous version but work is ongoing to update them: >> https://github.com/tuomaura/eap-noob >> >> Emu is the working group that closest matches our spec. Thus, we look >> forward to your feedback and comments here or in the wg meeting in a couple >> of weeks. >> >> Regards, >> Tuomas >> >> >> >> -----Original Message----- >> From: internet-dra...@ietf.org <internet-dra...@ietf.org> >> Sent: Monday, 22 October, 2018 20:50 >> To: Mohit Sethi <mo...@piuha.net>; Aura Tuomas <tuomas.a...@aalto.fi> >> Subject: New Version Notification for draft-aura-eap-noob-04.txt >> >> >> A new version of I-D, draft-aura-eap-noob-04.txt has been successfully >> submitted by Tuomas Aura and posted to the IETF repository. >> >> Name: draft-aura-eap-noob >> Revision: 04 >> Title: Nimble out-of-band authentication for EAP (EAP-NOOB) >> Document date: 2018-10-22 >> Group: Individual Submission >> Pages: 58 >> URL: >> https://www.ietf.org/internet-drafts/draft-aura-eap-noob-04.txt >> Status: https://datatracker.ietf.org/doc/draft-aura-eap-noob/ >> Htmlized: https://tools.ietf.org/html/draft-aura-eap-noob-04 >> Htmlized: https://datatracker.ietf.org/doc/html/draft-aura-eap-noob >> Diff: https://www.ietf.org/rfcdiff?url2=draft-aura-eap-noob-04 >> >> Abstract: >> Extensible Authentication Protocol (EAP) provides support for >> multiple authentication methods. This document defines the EAP-NOOB >> authentication method for nimble out-of-band (OOB) authentication and >> key derivation. This EAP method is intended for bootstrapping all >> kinds of Internet-of-Things (IoT) devices that have a minimal user >> interface and no pre-configured authentication credentials. The >> method makes use of a user-assisted one-directional OOB channel >> between the peer device and authentication server. >> >> >> >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> The IETF Secretariat >> >> _______________________________________________ >> Emu mailing list >> Emu@ietf.org >> https://www.ietf.org/mailman/listinfo/emu > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
