EAP Extensions Problem Statement
draft-dondeti-eapext-ps-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Lakshminath R. Dondeti , Vidya Narayanan | ||
| Last updated | 2006-06-20 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The extensible authentication protocol (EAP), specified in RFC3748 [1] is a generic framework supporting multiple authentication methods. The EAP keying hierarchy specified in [2] has two top level keys: a master session key (MSK) and an extended MSK (EMSK). The MSK is used for access control enforcement, whereas the purpose of EMSK is to be defined. Several proposals for the use of the EMSK have been made, among them are support for efficient re-authentication of the EAP peer as it moves from one authenticator to another, bootstrapping preshared keys, visited domain key management. In this document, we explore the various proposed uses of the EMSK key hierarchy and the design considerations in specifying the EMSK key hierarchy.
Authors
Lakshminath R. Dondeti
Vidya Narayanan
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)