Nimble out-of-band authentication for EAP (EAP-NOOB)

Document Type Replaced Internet-Draft (emu WG)
Authors Tuomas Aura  , Mohit Sethi 
Last updated 2020-04-18 (latest revision 2020-03-09)
Replaced by draft-ietf-emu-eap-noob
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text xml pdf htmlized bibtex
Stream WG state Candidate for WG Adoption
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-emu-eap-noob
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB message between the peer device and authentication server to authenticate the in-band key exchange. The device must have an input or output interface, such as a display, microphone, speakers or blinking light, which can send or receive dynamically generated messages of tens of bytes in length.


Tuomas Aura (
Mohit Sethi (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)