The EAP-TLS Authentication Protocol
RFC 5216
Document Type RFC - Proposed Standard (March 2008; Errata)
Obsoletes RFC 2716
Last updated 2020-01-21
Stream IETF
Formats plain text html pdf htmlized with errata bibtex
Reviews
SECDIR Last Call Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 5216 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Sam Hartman
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                           D. Simon
Request for Comments: 5216                                      B. Aboba
Obsoletes: 2716                                                 R. Hurst
Category: Standards Track                          Microsoft Corporation
                                                              March 2008

                  The EAP-TLS Authentication Protocol

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   The Extensible Authentication Protocol (EAP), defined in RFC 3748,
   provides support for multiple authentication methods.  Transport
   Layer Security (TLS) provides for mutual authentication, integrity-
   protected ciphersuite negotiation, and key exchange between two
   endpoints.  This document defines EAP-TLS, which includes support for
   certificate-based mutual authentication and key derivation.

   This document obsoletes RFC 2716.  A summary of the changes between
   this document and RFC 2716 is available in Appendix A.

Simon, et al.               Standards Track                     [Page 1]
RFC 5216            EAP-TLS Authentication Protocol           March 2008

Table of Contents

   1. Introduction ....................................................2
      1.1. Requirements ...............................................3
      1.2. Terminology ................................................3
   2. Protocol Overview ...............................................4
      2.1. Overview of the EAP-TLS Conversation .......................4
           2.1.1. Base Case ...........................................4
           2.1.2. Session Resumption ..................................7
           2.1.3. Termination .........................................8
           2.1.4. Privacy ............................................11
           2.1.5. Fragmentation ......................................14
      2.2. Identity Verification .....................................16
      2.3. Key Hierarchy .............................................17
      2.4. Ciphersuite and Compression Negotiation ...................19
   3. Detailed Description of the EAP-TLS Protocol ...................20
      3.1. EAP-TLS Request Packet ....................................20
      3.2. EAP-TLS Response Packet ...................................22
   4. IANA Considerations ............................................23
   5. Security Considerations ........................................24
      5.1. Security Claims ...........................................24
      5.2. Peer and Server Identities ................................25
      5.3. Certificate Validation ....................................26
      5.4. Certificate Revocation ....................................27
      5.5. Packet Modification Attacks ...............................28
   6. References .....................................................29
      6.1. Normative References ......................................29
      6.2. Informative References ....................................29
   Acknowledgments ...................................................31
   Appendix A -- Changes from RFC 2716 ...............................32

1.  Introduction

   The Extensible Authentication Protocol (EAP), described in [RFC3748],
   provides a standard mechanism for support of multiple authentication
   methods.  Through the use of EAP, support for a number of
   authentication schemes may be added, including smart cards, Kerberos,
   Public Key, One Time Passwords, and others.  EAP has been defined for
   use with a variety of lower layers, including the Point-to-Point
   Protocol (PPP) [RFC1661], Layer 2 tunneling protocols such as the
   Point-to-Point Tunneling Protocol (PPTP) [RFC2637] or Layer 2
   Tunneling Protocol (L2TP) [RFC2661], IEEE 802 wired networks
   [IEEE-802.1X], and wireless technologies such as IEEE 802.11 [IEEE-
   802.11] and IEEE 802.16 [IEEE-802.16e].

   While the EAP methods defined in [RFC3748] did not support mutual
   authentication, the use of EAP with wireless technologies such as
   [IEEE-802.11] has resulted in development of a new set of

Simon, et al.               Standards Track                     [Page 2]
RFC 5216            EAP-TLS Authentication Protocol           March 2008

   requirements.  As described in "Extensible Authentication Protocol
   (EAP) Method Requirements for Wireless LANs" [RFC4017], it is
   desirable for EAP methods used for wireless LAN authentication to
   support mutual authentication and key derivation.  Other link layers
   can also make use of EAP to enable mutual authentication and key
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools