Dan Garcia <dan.gar...@um.es> wrote:
> EAP can be used in the context of IoT for authentication.
But, to what end?
1) If it is onboarding a new device, then there is no connectivity until after
authentication.
so you can't use CoAP, you have to use 802.1x, or some equivalent, or
create a system such as draft-ietf-6tisch-minimal-security.
Which does use CoAP and OSCORE already.
2) If it for application authentication, then you need to use EAP to setup
MSK for later use by a context.
We do this in IKEv2, (D)TLS already.
So the only left would be OSCORE, yet you write "could", as if it was an
afterthought.
Tell me what is your application? What will be impossible if we don't do
this work?
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
