Technical Summary
The Extensible Authentication Protocol (EAP), defined in RFC 3748,
provides support for multiple authentication methods. Transport Layer
Security (TLS) provides for mutual authentication, integrity-protected
ciphersuite negotiation and key exchange between two endpoints. This
document defines EAP-TLS, which includes support for certificate-based
mutual authentication and key derivation. This document obsoletes RFC
2716 to bring EAP-TLS into the standards track.
Working Group Summary
The document represents rough consensus of the working group.
Protocol Quality
This document has been reviewed for the IESG by Sam Hartman. There are
many interoperable implementations of EAP-TLS deployed today.
This document has been reviewed by people involved in the EAP, TLS and
PKIX working groups.
Note to RFC Editor
Please replace Section 2.4 with the following text:
2.4. Ciphersuite and Compression Negotiation
EAP-TLS implementations MUST support TLS v1.0.
EAP-TLS implementations need not necessarily support all TLS
ciphersuites listed in [RFC4346]. Not all TLS ciphersuites are
supported by available TLS toolkits, and licenses may be required in
some cases.
To ensure interoperability, EAP-TLS peers and servers MUST support
the TLS [RFC4346] mandatory-to-implement ciphersuite:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
EAP-TLS peers and servers SHOULD also support and be able
to negotiate the following TLS ciphersuites:
TLS_RSA_WITH_RC4_128_SHA [RFC4346]
TLS_RSA_WITH_AES_128_CBC_SHA [RFC3268]
In addition, EAP-TLS servers SHOULD support and be able to negotiate
the following TLS ciphersuite:
TLS_RSA_WITH_RC4_128_MD5 [RFC4346]
Since TLS supports ciphersuite negotiation, peers completing the TLS
negotiation will also have selected a ciphersuite, which includes
encryption and hashing methods. Since the ciphersuite negotiated
within EAP-TLS applies only to the EAP conversation, TLS ciphersuite
negotiation MUST NOT be used to negotiate the ciphersuites used to
secure data.
TLS also supports compression as well as ciphersuite negotiation.
However, during the EAP-TLS conversation the EAP peer and server MUST
NOT request or negotiate compression.
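The following is an added example, not part of the RFC text or of any EAP-TLS implementation: a small conformance check that parses a TLS 1.0 ClientHello body as an EAP-TLS server would receive it from a peer and reports where it departs from the rules in Section 2.4 above (mandatory 3DES suite present, at least one SHOULD suite offered, no compression other than null). The ciphersuite code points are the IANA values for the suites named above; the sample hellos are constructed inline for illustration.

```python
import struct

# Code points (RFC 4346 / RFC 3268) for the suites Section 2.4 names.
MANDATORY = {0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}        # MUST (peer and server)
RECOMMENDED = {0x0005: "TLS_RSA_WITH_RC4_128_SHA",           # SHOULD (peer and server)
               0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA"}
NULL_COMPRESSION = 0x00                                      # the only method EAP-TLS permits

def parse_client_hello(body: bytes) -> dict:
    """Parse a ClientHello handshake body (record and handshake headers already stripped)."""
    version = (body[0], body[1])
    pos = 2 + 32                                             # skip client_random
    sid_len = body[pos]; pos += 1 + sid_len                  # skip session_id
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2]); pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    cm_len = body[pos]; pos += 1
    comps = list(body[pos:pos + cm_len])
    return {"version": version, "ciphersuites": suites, "compression": comps}

def check_eap_tls_hello(body: bytes) -> list:
    """Return findings describing each way the hello violates Section 2.4 (empty if none)."""
    hello = parse_client_hello(body)
    findings = []
    if hello["version"] < (3, 1):                            # TLS v1.0 is {3,1}
        findings.append("client_version below TLS v1.0")
    for code, name in MANDATORY.items():
        if code not in hello["ciphersuites"]:
            findings.append(f"missing mandatory-to-implement suite {name}")
    if not any(code in hello["ciphersuites"] for code in RECOMMENDED):
        findings.append("none of the SHOULD ciphersuites offered")
    if any(method != NULL_COMPRESSION for method in hello["compression"]):
        findings.append("compression offered: EAP-TLS peers MUST NOT request compression")
    return findings

def build_client_hello(version, suites, compression) -> bytes:
    """Construct a minimal ClientHello body (constructed sample input, not a capture)."""
    body = bytes(version) + bytes(32) + b"\x00"              # version, zeroed random, empty session_id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    return body + bytes([len(compression)]) + bytes(compression)

GOOD = build_client_hello((3, 1), [0x002F, 0x000A, 0x0005], [0x00])
BAD = build_client_hello((3, 1), [0x002F], [0x01, 0x00])     # no 3DES suite, DEFLATE (0x01) offered

if __name__ == "__main__":
    for label, hello in (("good", GOOD), ("bad", BAD)):
        print(label, check_eap_tls_hello(hello) or ["conforms to Section 2.4"])
```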