EAP Tunneled TLS Authentication Protocol (EAP-TTLS)
draft-ietf-pppext-eap-ttls-05
| Document | Type | Expired Internet-Draft (pppext WG) | |
|---|---|---|---|
| Last updated | 2004-07-20 | ||
| Stream | IETF | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
plain text
pdf
html
bibtex
|
||
| Stream | WG state | WG Document | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | Expired | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-ietf-pppext-eap-ttls-05.txt
Abstract
EAP-TTLS is an EAP protocol that extends EAP-TLS. In EAP-TLS, a TLS handshake is used to mutually authenticate a client and server. EAP- TTLS extends this authentication negotiation by using the secure connection established by the TLS handshake to exchange additional information between client and server. In EAP-TTLS, the TLS handshake may be mutual; or it may be one-way, in which only the server is authenticated to the client. The secure connection established by the handshake may then be used to allow the server to authenticate the client using existing, widely-deployed authentication infrastructures such as RADIUS. The authentication of the client may itself be EAP, or it may be another authentication protocol such as PAP, CHAP, MS-CHAP or MS-CHAP-V2.
Authors
Paul Funk
(paul@funk.com)
Simon Blake-Wilson
(sblakewilson@certicom.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)