Internet Assigned Numbers Authority

Nimble Out-of-Band Authentication for EAP Parameters (EAP-NOOB)

Created
2021-09-21
Last Updated
2022-01-07
Available Formats

XML
HTML
Plain text

Registries included below

EAP-NOOB Cryptosuites

Registration Procedure(s)
Specification Required
Expert(s)
Tuomas Aura, Mohit Sethi
Reference
[RFC9140]
Available Formats

CSV
Cryptosuite Algorithms Reference
0 Reserved [RFC9140]
1 ECDHE curve Curve25519 [RFC7748], public-key format [RFC7517], hash function SHA-256 [RFC6234]. The JWK encoding of Curve25519 public key is defined in [RFC8037]. For clarity, the "crv" parameter is "X25519", the "kty" parameter is "OKP", and the public-key encoding contains only an x-coordinate. [RFC9140]
2 ECDHE curve NIST P-256 [FIPS186-4], public-key format [RFC7517], hash function SHA-256 [RFC6234]. The JWK encoding of NIST P-256 public key is defined in [RFC7518]. For clarity, the "crv" parameter is "P-256", the "kty" parameter is "EC", and the public-key encoding has both an x and y coordinate, as defined in Section 6.2.1 of [RFC7518]. [RFC9140]
3-65535 Unassigned

EAP-NOOB Message Types

Registration Procedure(s)
Specification Required
Expert(s)
Tuomas Aura, Mohit Sethi
Reference
[RFC9140]
Available Formats

CSV
Message Type Used in Exchange Purpose Reference
0 Error Error notification [RFC9140]
1 All exchanges PeerId and PeerState discovery [RFC9140]
2 Initial Version, cryptosuite, and parameter negotiation [RFC9140]
3 Initial Exchange of ECDHE keys and nonces [RFC9140]
4 Waiting Indication to the peer that the server has not yet received an OOB message [RFC9140]
5 Completion NoobId discovery [RFC9140]
6 Completion Authentication and key confirmation with HMAC [RFC9140]
7 Reconnect Version, cryptosuite, and parameter negotiation [RFC9140]
8 Reconnect Exchange of ECDHE keys and nonces [RFC9140]
9 Reconnect Authentication and key confirmation with HMAC [RFC9140]
10-65535 Unassigned

EAP-NOOB Error Codes

Expert(s)
Tuomas Aura, Mohit Sethi
Reference
[RFC9140]
Available Formats

CSV
Range Registration Procedures
6001-6999 Private and Experimental Use
All other values Specification Required
Error Code Purpose Reference
1001 Invalid NAI [RFC9140]
1002 Invalid message structure [RFC9140]
1003 Invalid data [RFC9140]
1004 Unexpected message type [RFC9140]
1005 Invalid ECDHE key [RFC9140]
2001 Unwanted peer [RFC9140]
2002 State mismatch, user action required [RFC9140]
2003 Unrecognized OOB message identifier [RFC9140]
2004 Unexpected peer identifier [RFC9140]
3001 No mutually supported protocol version [RFC9140]
3002 No mutually supported cryptosuite [RFC9140]
3003 No mutually supported OOB direction [RFC9140]
4001 HMAC verification failure [RFC9140]
5001 Application-specific error [RFC9140]
5002 Invalid server info [RFC9140]
5003 Invalid server URL [RFC9140]
5004 Invalid peer info [RFC9140]
6001-6999 Reserved for Private and Experimental Use [RFC9140]

EAP-NOOB ServerInfo Data Fields

Registration Procedure(s)
Specification Required
Expert(s)
Tuomas Aura, Mohit Sethi
Reference
[RFC9140]
Available Formats

CSV
Data Field Reference
Type [RFC9140, Section 4]
ServerName [RFC9140, Section 4]
ServerURL [RFC9140, Section 4]
SSIDList [RFC9140, Section 4]
Base64SSIDList [RFC9140, Section 4]

EAP-NOOB PeerInfo Data Fields

Registration Procedure(s)
Specification Required
Expert(s)
Tuomas Aura, Mohit Sethi
Reference
[RFC9140]
Available Formats

CSV
Data Field Reference
Type [RFC9140, Section 4]
PeerName [RFC9140, Section 4]
Manufacturer [RFC9140, Section 4]
Model [RFC9140, Section 4]
SerialNumber [RFC9140, Section 4]
MACAddress [RFC9140, Section 4]
SSID [RFC9140, Section 4]
Base64SSID [RFC9140, Section 4]
BSSID [RFC9140, Section 4]