Credentials Provisioning and Management via EAP Method (EAP-CREDS)
draft-pala-tian-eap-creds-spp-02

Abstract

With the increase number of devices, protocols, and applications that rely on strong credentials (e.g., digital certificates, keys, or tokens) for network access, the need for a standardized credentials provisioning and management framework is paramount. The 802.1x architecture allows for entities (e.g., devices, applications, etc.) to authenticate to the network by providing a communication channel where different methods can be used to exchange different types of credentials. EAP-CREDS is an EAP method that specifically designed for credential provisioning and management. If implemented in Access Networks (e.g., wired), EAP-CREDS can offer credentials management services such as registration, provisioning, and renewal. Besides, EAP-CREDS provides protocol encapsulation mechanism that allows it to use with other credential management protocols. Therefore, this document defines how to use EAP-CREDS with the Simple Provisioning Protocol (SPP) to support the provisioning and management of authentication credentials for user and/or devices in an access network. Other credential provisioning protocols can also use this document as a guideline and template for its own encapsulation with EAP-CREDS.

Authors

Massimiliano Pala
Yuan Tian

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)