Authenticated Service Information for the Extensible Authentication Protocol (EAP)
draft-arkko-eap-service-identity-auth-04

 
Document Type Expired Internet-Draft (individual)
Last updated 2005-10-26
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html
Stream Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-arkko-eap-service-identity-auth-04.txt

Abstract

EAP is typically used in an arrangement where the actual service (such as a wireless LAN access point) is separated from the authentication server. However, EAP itself does not have a concept of a service identity or its parameters, and thus the client usually does not authenticate any information about the service itself, even when a mutually authenticating EAP method is used. This document specifies a backward compatible extension to popular EAP methods for authenticating service related information, such as the identity and type of the offered service. A common parameter name space is created in order to ensure that the same kinds of identifiers can be authenticated independent of the choice of the EAP authentication method, retaining the EAP media independence principle.

Authors

Jari Arkko (jari.arkko@piuha.net)
Pasi Eronen (pe@iki.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)