@misc{rfc9820,
    series =    {Request for Comments},
    number =    9820,
    howpublished =  {RFC 9820},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC9820},
    url =       {https://www.rfc-editor.org/info/rfc9820},
    author =    {Rafael Marin-Lopez and Dan Garcia-Carrillo},
    title =     {{Authentication Service Based on the Extensible Authentication Protocol (EAP) for Use with the Constrained Application Protocol (CoAP)}},
    pagetotal = 35,
    year =      2025,
    month =     sep,
    abstract =  {This document specifies an authentication service that uses the Constrained Application Protocol (CoAP) as a transport method to carry the Extensible Authentication Protocol (EAP). As such, it defines an EAP lower layer based on CoAP called "CoAP-EAP". One of the main goals is to authenticate a CoAP-enabled Internet of Things (IoT) device (EAP peer) that intends to join a security domain managed by a Controller (EAP authenticator). Secondly, it allows deriving key material to protect CoAP messages exchanged between them based on Object Security for Constrained RESTful Environments (OSCORE), enabling the establishment of a security association between them.},
}