EAP Support in Smartcard
draft-urien-eap-smartcard-32

Document Type: Active Internet-Draft (individual)
Last updated: 2016-12-08
Stream: (None)
Intended RFC status: Informational
Stream state: (No stream defined)
Consensus Boilerplate: Unknown
RFC Editor Note: (None)
IESG state: I-D Exists
Responsible AD: (None)
Send notices to: (None)

  EAP Working Group                                            P. Urien 
  Internet Draft                                      Telecom ParisTech 
  Intended status: Informational                             G. Pujolle 
                                                                   LIP6 
                                                        December 8 2016 
  Expires: June 2017 
 
                             EAP Support in Smartcard 
                         draft-urien-eap-smartcard-32.txt 
    
    
Abstract 
    
   This document describes the functional interface, based on the 
   ISO7816 standard, to EAP methods, fully and securely executed in 
   smart cards. This class of tamper resistant device may deliver 
   client or server services; it can compute Root Keys from an Extended 
   Master Session Key (EMSK). 
    
Requirements Language 
    
   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
   document are to be interpreted as described in RFC 2119 [RFC2119]. 
    
Status of this Memo 
    
   This Internet-Draft is submitted in full conformance with the 
   provisions of BCP 78 and BCP 79. 
    
   Internet-Drafts are working documents of the Internet Engineering 
   Task Force (IETF). Note that other groups may also distribute 
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/. 
    
   Internet-Drafts are draft documents valid for a maximum of six 
   months and may be updated, replaced, or obsoleted by other documents 
   at any time. It is inappropriate to use Internet-Drafts as reference 
   material or to cite them other than as "work in progress." 
    
   This Internet-Draft will expire on June 2017. 

   Urien & All                   Expires June 2017            [Page 1] 


Copyright Notice 
    
   Copyright (c) 2016 IETF Trust and the persons identified as the 
   document authors.  All rights reserved.  
    
   This document is subject to BCP 78 and the IETF Trust's Legal 
   Provisions Relating to IETF Documents 
   (http://trustee.ietf.org/license-info) in effect on the date of 
   publication of this document. Please review these documents 
   carefully, as they describe your rights and restrictions with 
   respect to this document. 
    
    
Table of Contents 
    
   Abstract........................................................... 1 
   Requirements Language.............................................. 1 
   Status of this Memo................................................ 1 
   Copyright Notice................................................... 2 
   1 Overview......................................................... 5 
   2 Relationships with RFC 3748...................................... 6 
      2.1 EAP multiplexing model...................................... 6 
      2.2 EAP smartcards.............................................. 6 
   3 Overview of EAP smartcards in the IETF context................... 7 
      3.1 Network Interface........................................... 8 
      3.2 Other services.............................................. 9 
      3.3 Out Of Band (OOB) facilities................................ 9 
   4 User's Identity.................................................. 9 
   5 EAP smartcard services.......................................... 10 
      5.1 Add-Identity............................................... 10 
      5.2 Delete-Identity............................................ 10 
      5.3 Get-Preferred-Identity..................................... 10 
      5.4 Get-Current-Identity....................................... 10 
      5.5 Get-Next-Identity.......................................... 10 
      5.6 Set-Identity............................................... 11 
      5.7 Get-Profile-Data........................................... 11 
      5.8 Process-EAP................................................ 11 
      5.9 Process-EAP-OOB............................................ 12 
      5.10 Get-Session-Key........................................... 12 
      5.11 Get-State................................................. 12 
      5.12 Reset-State............................................... 12 
      5.13 Method Functions.......................................... 13 
      5.14 Multiple EAP Identity selections.......................... 13 
      5.15 Get-Exported-Parameters................................... 13 
      5.17 Get-AMSK.................................................. 14 
   6 Client and Server facilities.................................... 15 
   7 IEEE 802.16 services............................................ 15 
      7.1 Get-Certificate............................................ 15 
      7.2 Private-Key-Decryption..................................... 16 