EAP BIO
draft-urien-kiennert-emu-bio-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Christophe Kiennert , Pascal Urien | ||
Last updated | 2009-10-15 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
EAP-TTLS is an EAP method that provides secured authentication as described in RFC 5281. This method makes generally use of two phases in order to complete authentication. The first one consists in the authentication of the TTLS server to the client, established by a TLS handshake between the client and the TTLS server. The handshake may be either mutual or one-way. The authentication of the client to the server may then be negotiated during phase two of EAP-TTLS, thanks to widely-deployed authentication mechanisms such as CHAP, PAP, MS-CHAP or MS-CHAP-V2. The purpose of EAP-BIO is to define how to use a biometric authentication mechanism during phase two of EAP-TTLS. This authentication mechanism ranges from physiological characteristics such as fingerprint identification, to behavioral characteristics such as voice or signature analysis. Hence, EAP-BIO combines the security features of EAP-TTLS and biometric authentication.
Authors
Christophe Kiennert
Pascal Urien
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)