The One Time Password (OTP) and Generic Token Card Authentication Protocols
draft-ietf-eap-otp-00
Document | Type |
Expired Internet-Draft
(eap WG)
Expired & archived
|
|
---|---|---|---|
Authors | Larry Blunk , John Vollbrecht , Dr. Bernard D. Aboba | ||
Last updated | 2002-10-14 | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
EAP is an authentication protocol which supports multiple authentication mechanisms. EAP typically runs directly over the link layer without requiring IP and therefore includes its own support for in-order delivery and re-transmission. While EAP was originally developed for use with PPP, it is also now in use with IEEE 802. This document defines the One Time Password (OTP) and Generic Token Card EAP methods, both of which provide one-way authentication, but not key generation. As a result, the OTP and Generic Token Card methods, when used by themselves, are only appropriate for use on networks where physical security can be assumed. These methods SHOULD NOT be used on wireless networks, or over the Internet, unless the EAP conversation is protected. This can be accomplished using technologies such as IPsec or TLS.
Authors
Larry Blunk
John Vollbrecht
Dr. Bernard D. Aboba
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)