My point was that AES and SHA are not the reason IOT cryptography is so often broken or missing.
Instead its getting the keys onto the system in a halfway secure manner that is the blocking issue.
Hence I'd be a lot more enthusiastic about NIST guidance on these points.
A pairing system as seen in e.g. Zigbee or BLE seems pretty good to me. Not everyone cares to implement it well and there's still no standard for web-based devices, but it's here and it works.
I'd like to see more devices able to pair with NFC, but even that's standardised for Bluetooth, just underused.
Ah, I see. That's indeed an interesting point. At any rate, IOT cryptography can use this standard as a building point, so it is a step in the right direction anyway.
Hence I'd be a lot more enthusiastic about NIST guidance on these points.