My point was that AES and SHA are not the reason IOT cryptography is so often broken or missing. Instead its getting the keys onto the system in a halfway secure manner that is the blocking issue.

Hence I'd be a lot more enthusiastic about NIST guidance on these points.

A pairing system as seen in e.g. Zigbee or BLE seems pretty good to me. Not everyone cares to implement it well and there's still no standard for web-based devices, but it's here and it works.

I'd like to see more devices able to pair with NFC, but even that's standardised for Bluetooth, just underused.

Ah, I see. That's indeed an interesting point. At any rate, IOT cryptography can use this standard as a building point, so it is a step in the right direction anyway.