State Machines for Extensible Authentication Protocol (EAP) Peer and Authenticator
RFC 4137
Document Type RFC - Informational (August 2005; No errata)
Last updated 2018-12-20
Stream IETF
Formats plain text html pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4137 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Margaret Cullen
Send notices to jar@iki.fi
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                      J. Vollbrecht
Request for Comments: 4137              Meetinghouse Data Communications
Category: Informational                                        P. Eronen
                                                                   Nokia
                                                              N. Petroni
                                                  University of Maryland
                                                                 Y. Ohba
                                                                    TARI
                                                             August 2005

      State Machines for Extensible Authentication Protocol (EAP)
                         Peer and Authenticator

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes a set of state machines for Extensible
   Authentication Protocol (EAP) peer, EAP stand-alone authenticator
   (non-pass-through), EAP backend authenticator (for use on
   Authentication, Authorization, and Accounting (AAA) servers), and EAP
   full authenticator (for both local and pass-through).  This set of
   state machines shows how EAP can be implemented to support deployment
   in either a peer/authenticator or peer/authenticator/AAA Server
   environment.  The peer and stand-alone authenticator machines are
   illustrative of how the EAP protocol defined in RFC 3748 may be
   implemented.  The backend and full/pass-through authenticators
   illustrate how EAP/AAA protocol support defined in RFC 3579 may be
   implemented.  Where there are differences, RFC 3748 and RFC 3579 are
   authoritative.

   The state machines are based on the EAP "Switch" model.  This model
   includes events and actions for the interaction between the EAP
   Switch and EAP methods.  A brief description of the EAP "Switch"
   model is given in the Introduction section.

   The state machine and associated model are informative only.
   Implementations may achieve the same results using different methods.

Vollbrecht, et al.           Informational                      [Page 1]
RFC 4137                   EAP State Machines                August 2005

Table of Contents

   1. Introduction: The EAP Switch Model ..............................3
   2. Specification of Requirements ...................................4
   3. Notational Conventions Used in State Diagrams ...................5
      3.1. Notational Specifics .......................................5
      3.2. State Machine Symbols ......................................7
      3.3. Document Authority .........................................8
   4. Peer State Machine ..............................................9
      4.1. Interface between Peer State Machine and Lower Layer .......9
      4.2. Interface between Peer State Machine and Methods ..........11
      4.3. Peer State Machine Local Variables ........................13
      4.4. Peer State Machine Procedures .............................14
      4.5. Peer State Machine States .................................15
   5. Stand-Alone Authenticator State Machine ........................17
      5.1. Interface between Stand-Alone Authenticator State
           Machine and Lower Layer ...................................17
      5.2. Interface between Stand-Alone Authenticator State
           Machine and Methods .......................................19
      5.3. Stand-Alone Authenticator State Machine Local Variables ...21
      5.4. EAP Stand-Alone Authenticator Procedures ..................22
      5.5. EAP Stand-Alone Authenticator States ......................24
   6. EAP Backend Authenticator ......................................26
      6.1. Interface between Backend Authenticator State
           Machine and Lower Layer ...................................26
      6.2. Interface between Backend Authenticator State
           Machine and Methods .......................................28
      6.3. Backend Authenticator State Machine Local Variables .......28
      6.4. EAP Backend Authenticator Procedures ......................28
      6.5. EAP Backend Authenticator States ..........................29
   7. EAP Full Authenticator .........................................29
      7.1. Interface between Full Authenticator State Machine
           and Lower Layer ...........................................30
      7.2. Interface between Full Authenticator State Machine
           and Methods ...............................................31
      7.3. Full Authenticator State Machine Local Variables ..........32
      7.4. EAP Full Authenticator Procedures .........................32
      7.5. EAP Full Authenticator States .............................32
   8. Implementation Considerations ..................................34
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools