Update to the Extensible Authentication Protocol (EAP) Applicability Statement for Application Bridging for Federated Access Beyond Web (ABFAB)
RFC 7057
Technical Summary
The EAP applicability statement in [RFC3748] defines the scope of the
Extensible Authentication Protocol to be "for use in network access
authentication, where IP layer connectivity may not be available.",
and states that "Use of EAP for other purposes, such as bulk data
transport, is NOT RECOMMENDED.".
While some of the recommendation against usage of EAP for bulk data
transport is still valid, some of the other provisions in the
applicability statement have turned out to be too narrow. This document
describes the applicability of EAP for (certain) application layer access decisions.
Working Group Summary
The WG (as well as emu) has debated extensively as to whether to revise the
EAP-applicability statement completely or to focus on the particular requirements for
abfab. It was decided to keep it limited to abfab in the interest of progressing the
work items.
Document Quality
This being an applicability statement, there is no question of implementations. What
can be said is that the existing implementations of abfab use the relaxed applicability
statement.
Personnel
Shepherd: Klaas Wierenga
AD: Stephen Farell
RFC Editor Note
Please add a new sentence to the end of section 3 (and the associated
informative reference), so:
OLD, at the end of section 3:
Circumstances might
require that applications need to perform conversion of identities
from an application specific character set to UTF-8 or another
character set required by a particular EAP method.
NEW
Circumstances might
require that applications need to perform conversion of identities
from an application specific character set to UTF-8 or another
character set required by a particular EAP method.
See also [draft-ietf-radext-nai], Section 2.6, for information
about normalization of identifiers.
NEW, section 7.2:
Add [draft-ietf-radext-nai]