Extensible Authentication Protocol (EAP) Key Management Framework

Aboba, Bernard; Simon, Dan; Eronen, Pasi

doi:10.17487/rfc5247

Cited by 122 publications

(105 citation statements)

References 20 publications

Supporting

Mentioning

102

Contrasting

Unclassified

Order By: Relevance

“…The EAP-Key-Name Attribute, defined in "Diameter Extensible Authentication Protocol (EAP) Application" [RFC4072], contains the EAP Session-Id, as described in "Extensible Authentication Protocol (EAP) Key Management Framework" [RFC5247]. Exactly how this attribute is used depends on the link layer in question.…”

Section: Descriptionmentioning

confidence: 99%

“…The fields are transmitted from left to right. The String field is one or more octets, containing the EAP Session-Id, as defined in "Extensible Authentication Protocol (EAP) Key Management Framework" [RFC5247]. Since the NAS operates as a pass-through in EAP, it cannot know the EAP Session-Id before receiving it from the RADIUS server.…”

Section: Descriptionmentioning

confidence: 99%

“…Exactly how this name is used depends on the link layer in question. See [RFC5247] for more discussion. The EAPServer-Id Attribute is only allowed in Access-Request, AccessAccept, and Accounting-Request packets.…”

Section: Eap-server-id Descriptionmentioning

confidence: 99%

See 2 more Smart Citations

RADIUS Attributes for IEEE 802 Networks

Aboba¹,

Congdon²,

Malinen³

et al. 2014

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Descriptionmentioning

confidence: 99%

Section: Descriptionmentioning

confidence: 99%

See 1 more Smart Citation

RADIUS Attributes for IEEE 802 Networks

Aboba¹,

Congdon²,

Malinen³

et al. 2014

Self Cite

View full text Add to dashboard Cite

show abstract

“…Section 1.3 of [RFC5247] outlines the typical conversation between EAP peers where an EAP key is derived: GSS-API peers discover each other and discover support for GSS-API in an application-dependent mechanism. SASL [RFC4422] describes how discovery of a particular SASL mechanism such as a GSS-API EAP mechanism is conducted.…”

Section: Rfc 7055 Eap Gss-api December 2013mentioning

confidence: 99%

A GSS-API Mechanism for the Extensible Authentication Protocol

Hartman¹,

Howlett²

2013

View full text Add to dashboard Cite

“…See [RFC5247] for a more complete discussion of the related security issues; here we provide only a short summary.…”

Section: Authentication With Separated Ikev2mentioning

confidence: 99%

An Extension for EAP-Only Authentication in IKEv2

Sheffer¹,

Tschofenig²,

Eronen³

2010

Self Cite

View full text Add to dashboard Cite

IKEv2 specifies that Extensible Authentication Protocol (EAP) authentication must be used together with responder authentication based on public key signatures. This is necessary with old EAP methods that provide only unilateral authentication using, e.g., onetime passwords or token cards.This document specifies how EAP methods that provide mutual authentication and key agreement can be used to provide extensible responder authentication for IKEv2 based on methods other than public key signatures.

show abstract

Extensible Authentication Protocol (EAP) Key Management Framework

Cited by 122 publications

References 20 publications

RADIUS Attributes for IEEE 802 Networks

RADIUS Attributes for IEEE 802 Networks

A GSS-API Mechanism for the Extensible Authentication Protocol

An Extension for EAP-Only Authentication in IKEv2

Contact Info

Product

Resources

About