
TLS "Inner Application" Extension (TLS/IA)

TLS/IA defines a mechanism for embedding EAP authentication and other negotiations in TLS itself, allowing any TLS-based protocol to use inner EAP authentication.

- Uses the standard RFC 3546 extension mechanism: the Inner Application extension is appended to the ClientHello and confirmed in the ServerHello.
- Defines a new "Inner Application" record type. Inner Application records follow immediately after the TLS handshake, but before any upper-layer data exchange.
- The new record type carries one or more "phases". Each phase consists of:
  - an exchange of AVPs
  - a permutation of the Inner Secret
  - an exchange of PhaseFinished messages for confirmation
- The TLS handshake plus the Inner Application records can be thought of as an "extended handshake".
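The ClientHello offer and ServerHello confirmation step described above, as an added example (not code from this page or from the TLS/IA draft): it encodes and parses RFC 3546 extension blocks and gates the Inner Application phase on the server having confirmed an extension the client actually offered. The extension type code and the empty extension_data are assumptions, since the page gives neither.

```python
import struct

# Placeholder type code for the Inner Application extension: the real IANA
# value is not on this page, so this is a constructed stand-in.
EXT_INNER_APPLICATION = 0xFFF0

def encode_extensions(exts):
    """RFC 3546 block: 2-byte total length, then type(2)|length(2)|data each."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts)
    return struct.pack("!H", len(body)) + body

def decode_extensions(buf):
    """Parse an RFC 3546 block, rejecting truncation and duplicate types."""
    if len(buf) < 2 or len(buf) != 2 + struct.unpack("!H", buf[:2])[0]:
        raise ValueError("extensions length mismatch")
    exts, off, seen = [], 2, set()
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated extension header")
        t, n = struct.unpack("!HH", buf[off:off + 4])
        off += 4
        if off + n > len(buf) or t in seen:
            raise ValueError("truncated data or duplicate type 0x%04x" % t)
        seen.add(t)
        exts.append((t, buf[off:off + n]))
        off += n
    return exts

def client_hello_extensions(offer_inner_app=True):
    # Empty extension_data is an assumption; the page does not give the body.
    return encode_extensions([(EXT_INNER_APPLICATION, b"")] if offer_inner_app else [])

def server_hello_extensions(client_ext_buf, server_supports=True):
    """Server confirms Inner Application only if the client offered it."""
    offered = {t for t, _ in decode_extensions(client_ext_buf)}
    confirm = server_supports and EXT_INNER_APPLICATION in offered
    return encode_extensions([(EXT_INNER_APPLICATION, b"")] if confirm else [])

def inner_application_negotiated(client_ext_buf, server_ext_buf):
    """Client-side gate: Inner Application records may follow the handshake
    only if the client offered the extension and the server confirmed it."""
    offered = {t for t, _ in decode_extensions(client_ext_buf)}
    confirmed = {t for t, _ in decode_extensions(server_ext_buf)}
    if confirmed - offered:
        raise ValueError("server confirmed an extension the client never offered")
    return EXT_INNER_APPLICATION in confirmed
```

Only when `inner_application_negotiated` returns True should either side send or accept Inner Application records before upper-layer data.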