The Flexible Authentication via Secure Tunneling Extensible Authentication Protocol Method (EAP-FAST)

This document defines the Extensible Authentication Protocol (EAP) based Flexible Authentication via Secure Tunneling (EAP-FAST) protocol. EAP-FAST is an EAP method that enables secure communication between a peer and a server by using the Transport Layer Security (TLS) to establish a mutually authenticated tunnel. Within the tunnel, Type-Length-Value (TLV) objects are used to convey authentication related data between the peer and the EAP server. This memo provides information for the Internet community.

[1]  Paul E. Hoffman,et al.  Determining Strengths For Public Keys Used For Exchanging Symmetric Keys , 2004, RFC.

[2]  R. B. Redmon,et al.  Identity , 2021, Notre Dame J. Formal Log..

[3]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[4]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[5]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[6]  Scott O. Bradner,et al.  Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[7]  Glen Zorn,et al.  Diameter Extensible Authentication Protocol (EAP) Application , 2005, RFC.

[8]  Thomas Narten,et al.  Guidelines for Writing an IANA Considerations Section in RFCs , 1998, RFC.

[9]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[10]  Elaine B. Barker,et al.  Recommendation for key management: , 2019 .

[11]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) , 2004, RFC.

[12]  Russ Housley,et al.  Update to DirectoryString Processing in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2006, RFC.

[13]  Pete Chown,et al.  Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS) , 2002, RFC.

[14]  Bernard Aboba,et al.  RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) , 2003, RFC.

[15]  Jari Arkko,et al.  The Network Access Identifier , 2005, RFC.

[16]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[17]  Donald E. Eastlake,et al.  Randomness Requirements for Security , 2005, RFC.

[18]  Hao Zhou,et al.  Transport Layer Security (TLS) Session Resumption without Server-Side State , 2008, RFC.