icos-2----Page:13
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
EAP Extensible Authentication Protocol (EAP) is a media-independent framework for network access authentication RFC 3748 defines EAP over PPP IEEE 802.1X defines EAP over IEEE 802 wired networks IEEE 802.11i defines EAP over IEEE 802.11 EAP encapsulation not defined on other link layers Defining EAP on a new link not just a protocol design exercise Standards organization defining the link layer must agree to the EAP security model (new state machine) Example: Would ANSI T.10 define EAP over Fibre Channel? Result: EAP introduces link layer dependency unless it can be run over IP (or higher) layers Algorithm support RFC 3748 mandatory-to-implement algorithm is MD5 Where this is inadequate, application needs to define its own mandatory-to-implement algorithm |