[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I-D ACTION:draft-josefsson-pppext-eap-tls-eap-07.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title		: Protected EAP Protocol (PEAP)
	Author(s)	: S. Josefsson, A. Palekar, D. Simon, G. Zorn
	Filename	: draft-josefsson-pppext-eap-tls-eap-07.txt
	Pages		: 72
	Date		: 2003-10-27
The Extensible Authentication Protocol (EAP), defined in RFC 2284, 
provides for support of multiple authentication methods. While EAP 
was originally created for use with PPP, it has since been adopted 
for use with IEEE 802.1X 'Network Port Authentication'. 
Since its deployment, a number of weaknesses in EAP or some EAP 
protocols have become apparent. These include no per packet 
confidentiality and integrity protection; which results in lack of 
protection to user identity, notification messages or EAP 
negotiation; and sequencing of EAP methods. In addition, there is no 
standardized mechanism for key exchange; no built-in support for 
fragmentation and reassembly; no support for acknowledged 
success/failure indications; and no support for fast reconnect. 
In addition, some EAP protocols (e.g. like EAP-MD5) are susceptible 
to  dictionary and brute force attacks; do not provide 
confidentiality; do not support server authentication required to 
prevent spoofing by rogue servers (gateways), and do not support the 
generation of key strength required for 802.11i.

A URL for this Internet-Draft is:

To remove yourself from the IETF Announcement list, send a message to 
ietf-announce-request with the word unsubscribe in the body of the message.

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
	"get draft-josefsson-pppext-eap-tls-eap-07.txt".

A list of Internet-Drafts directories can be found in
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
In the body type:
	"FILE /internet-drafts/draft-josefsson-pppext-eap-tls-eap-07.txt".
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the