{
  "draft": "draft-ietf-emu-bootstrapped-tls",
  "doc_id": "RFC9966",
  "title": "Bootstrapped TLS Authentication with Proof of Knowledge",
  "authors": [
    "O. Friel",
    "D. Harkins"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "16",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "emu",
  "abstract": "This document defines a mechanism that enables a bootstrapping device to establish trust and mutually authenticate against a TLS server. Bootstrapping devices have a public/private key pair; this mechanism enables a TLS server to prove to the device that it knows the public key and enables the device to prove to the TLS server that it knows the private key. The mechanism leverages existing Device Provisioning Profile (DPP) and TLS standards and can be used in an Extensible Authentication Protocol (EAP) exchange with an EAP server.",
  "pub_date": "May 2026",
  "keywords": [],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9966",
  "errata_url": null
}