Bootstrapped TLS Authentication
draft-friel-tls-eap-dpp-03
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Expired & archived
|
|
|---|---|---|---|
| Authors | Owen Friel , Dan Harkins | ||
| Last updated | 2022-01-10 (Latest revision 2021-07-09) | ||
| Replaced by | draft-ietf-emu-bootstrapped-tls, draft-ietf-emu-bootstrapped-tls | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document defines a TLS extension that enables a server to prove to a client that it has knowledge of the public key of a key pair where the client has knowledge of the private key of the key pair. Unlike standard TLS key exchanges, the public key is never exchanged in TLS protocol messages. Proof of knowledge of the public key is used by the client to bootstrap trust in the server. The use case outlined in this document is to establish trust in an EAP server.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)