HIP and User Authentication

Document Type Expired Internet-Draft (individual)
Author Samu Varjonen 
Last updated 2009-07-06
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document specifies how to use Extensible Authentication Protocol (EAP) in HIP to incorporate user authentication in the IPsec tunnel creation. This document describes two new parameters for transporting EAP messages inside HIP control packets. The main focus of this document is to describe how to use these parameters to combine needed EAP negotiation in order to authenticate the user. This document also describes how on-path middleboxes can take part in the negotiation as authenticators.


Samu Varjonen (samu.varjonen@hiit.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)