State Machines for Extensible Authentication Protocol (EAP) Peer and Authenticator
RFC 4137
Network Working Group J. Vollbrecht
Request for Comments: 4137 Meetinghouse Data Communications
Category: Informational P. Eronen
Nokia
N. Petroni
University of Maryland
Y. Ohba
TARI
August 2005
State Machines for Extensible Authentication Protocol (EAP)
Peer and Authenticator
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
This document describes a set of state machines for Extensible
Authentication Protocol (EAP) peer, EAP stand-alone authenticator
(non-pass-through), EAP backend authenticator (for use on
Authentication, Authorization, and Accounting (AAA) servers), and EAP
full authenticator (for both local and pass-through). This set of
state machines shows how EAP can be implemented to support deployment
in either a peer/authenticator or peer/authenticator/AAA Server
environment. The peer and stand-alone authenticator machines are
illustrative of how the EAP protocol defined in RFC 3748 may be
implemented. The backend and full/pass-through authenticators
illustrate how EAP/AAA protocol support defined in RFC 3579 may be
implemented. Where there are differences, RFC 3748 and RFC 3579 are
authoritative.
The state machines are based on the EAP "Switch" model. This model
includes events and actions for the interaction between the EAP
Switch and EAP methods. A brief description of the EAP "Switch"
model is given in the Introduction section.
The state machine and associated model are informative only.
Implementations may achieve the same results using different methods.
Vollbrecht, et al. Informational [Page 1]
RFC 4137 EAP State Machines August 2005
Table of Contents
1. Introduction: The EAP Switch Model ..............................3
2. Specification of Requirements ...................................4
3. Notational Conventions Used in State Diagrams ...................5
3.1. Notational Specifics .......................................5
3.2. State Machine Symbols ......................................7
3.3. Document Authority .........................................8
4. Peer State Machine ..............................................9
4.1. Interface between Peer State Machine and Lower Layer .......9
4.2. Interface between Peer State Machine and Methods ..........11
4.3. Peer State Machine Local Variables ........................13
4.4. Peer State Machine Procedures .............................14
4.5. Peer State Machine States .................................15
5. Stand-Alone Authenticator State Machine ........................17
5.1. Interface between Stand-Alone Authenticator State
Machine and Lower Layer ...................................17
5.2. Interface between Stand-Alone Authenticator State
Machine and Methods .......................................19
5.3. Stand-Alone Authenticator State Machine Local Variables ...21
5.4. EAP Stand-Alone Authenticator Procedures ..................22
5.5. EAP Stand-Alone Authenticator States ......................24
6. EAP Backend Authenticator ......................................26
6.1. Interface between Backend Authenticator State
Machine and Lower Layer ...................................26
6.2. Interface between Backend Authenticator State
Machine and Methods .......................................28
6.3. Backend Authenticator State Machine Local Variables .......28
6.4. EAP Backend Authenticator Procedures ......................28
6.5. EAP Backend Authenticator States ..........................29
7. EAP Full Authenticator .........................................29
7.1. Interface between Full Authenticator State Machine
and Lower Layer ...........................................30
7.2. Interface between Full Authenticator State Machine
and Methods ...............................................31
7.3. Full Authenticator State Machine Local Variables ..........32
7.4. EAP Full Authenticator Procedures .........................32
7.5. EAP Full Authenticator States .............................32
8. Implementation Considerations ..................................34
Show full document text