A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : A Flexible Authentication Framework for the Transport Layer Security (TLS) Protocol using the Extensible Authentication Protocol (EAP)
Author(s) : Yoav Nir
Yaron Sheffer
Hannes Tschofenig
Peter Gutmann
Filename : draft-nir-tls-eap-13.txt
Pages : 20
Date : 2011-12-19
Many of today's Web security problems have their root in the
widespread usage of weak authentication mechanisms bundled with the
usage of password based credentials. Dealing with both of these
problems is the basis of this publication.
This document extends the Transport Layer Security (TLS) protocol
with a flexible and widely deployed authentication framework, namely
the Extensible Authentication Protocol (EAP), to improve security of
Web- as well as non-Web-based applications. The EAP framework allows
so-called EAP methods, i.e. authentication and key exchange
protocols, to be plugged into EAP without having to re-design the
underlying protocol. The benefit of such an easy integration is the
ability to run authentication protocols that fit a specific
deployment environment, both from a credential choice as well as from
the security and performance characteristics of the actual protocol.
This work follows the example of IKEv2, where EAP has been added to
allow clients to seamlessly use different forms of authentication
credentials, such as passwords, token cards, and shared secrets.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-nir-tls-eap-13.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-nir-tls-eap-13.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
