Eap STate machinE dEsign teaM (ESTEEM) Draft Team members Bernard Aboba, Jari Arkko, Paul.

Presentation transcript:

Eap STate machinE dEsign teaM (ESTEEM) Draft

Team members
Bernard Aboba, Jari Arkko, Paul Congdon, Rodrigo Garces, Robert Moskowitz, Yoshihiro Ohba, Bryan Payne, Nick Petroni, Joseph Salowey, John Vollbrecht, Jesse Walker, Glen Zorn

Goal
Fix state machine so that it is compatible with IEEE 802.1aa and RFC 2869 Bis, and that it correctly handles optional identity exchange, method sequences, re-authentication, retransmission,...

Operation
Position papers, weekly conferences, minutes, esteem draft, input to issues and state machine drafts

ESTEEM Position Papers
–Issues with the EAP State Machine (Yoshihiro Ohba)
–Comparison of EAP state machines with RFC 2284bis (Bryan Payne, Nick Petroni)
–EAP State Machine Completeness (Jari Arkko)
–When can notif/nack/... be sent? (Bernard Aboba)
–Communication between the Method and EAP layer (Bernard Aboba)
–EAP switch and multiple methods (John Vollbrecht)

ESTEEM Decisions

Basic issues
–Allow notification in any state; can’t be Nakked
–EAP layer (not method) handles duplicate detection and id numbers (#25)
–Follow IEEE 802.1aa format in state machine definition

Identity requests
–Identity request/response can only appear between methods
–Our preference is that identity requests be optional.
–Leaning towards making Nak disallowed for Identity Request

Success and failure indications
–If an authenticated indication exists, should not believe alternative indications
–Link-layer indications provided to EAP MUST be processed (#2)
–Unprotected success indications are only accepted after method is complete (#2)
–Peers should be able to accept Failure in unauthenticated state
–Authenticated indications require support for sequences or tunnels (#10)

Sequences
–Methods can’t be executed in parallel; Nak if received
–No pre-negotiation of method sequencing capability, just Nak afterwards (#7)
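
The decisions above, modeled as a toy peer-side EAP layer. This is an added example, not part of the presentation or of any state machine draft; the class, the string return values and the two-request method are hypothetical, and only the code and type numbers come from RFC 3748. Two behaviours are this example's own assumptions: an Identity request arriving in the middle of a method is silently discarded, and nothing is processed once the conversation has ended.

```python
REQUEST, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4      # EAP codes (RFC 3748)
IDENTITY, NOTIFICATION, NAK, MD5, OTP = 1, 2, 3, 4, 5  # EAP types (RFC 3748)

class PeerEapLayer:  # hypothetical toy peer, not the design team's state machine
    def __init__(self):
        self.state = "UNAUTHENTICATED"
        self.last_id = self.last_resp = None   # duplicate detection lives in the EAP layer
        self.active, self.rounds_left = None, 0
        self.method_done, self.method_calls = False, 0

    def receive(self, code, ident, mtype=None):
        if self.state != "UNAUTHENTICATED":
            return "discard"                   # assumption: conversation already ended
        if code == SUCCESS:
            if self.method_done and self.active is None:
                self.state = "SUCCESS"
                return "accept-success"
            return "discard"                   # unprotected Success before method completion
        if code == FAILURE:
            self.state = "FAILED"              # Failure accepted while unauthenticated
            return "accept-failure"
        if code != REQUEST:
            return "discard"
        if ident == self.last_id:
            return self.last_resp              # retransmission: method is not re-run
        resp = self._dispatch(mtype)
        if resp != "discard":
            self.last_id, self.last_resp = ident, resp
        return resp

    def _dispatch(self, mtype):
        if mtype == NOTIFICATION:
            return "resp-notification"         # allowed in any state, never Nakked
        if mtype == IDENTITY:                  # identity only between methods
            return "resp-identity" if self.active is None else "discard"  # discard is this example's choice
        if self.active is not None and mtype != self.active:
            return "resp-nak"                  # no parallel methods
        if self.active is None:
            self.active, self.rounds_left = mtype, 2   # constructed: 2 requests per method
        self.method_calls += 1
        self.rounds_left -= 1
        if self.rounds_left == 0:
            self.active, self.method_done = None, True
        return "resp-method-%s" % mtype

# Constructed input: (code, identifier[, type])
SAMPLE = [(SUCCESS, 1), (REQUEST, 2, MD5), (REQUEST, 2, MD5), (REQUEST, 3, OTP), (REQUEST, 4, MD5), (SUCCESS, 4)]

def run(packets=SAMPLE):
    peer = PeerEapLayer()
    return [peer.receive(*p) for p in packets], peer
```

In the constructed sample the early Success is dropped, the retransmitted request with identifier 2 is answered from the cached response without invoking the method again, the OTP request in the middle of MD5-Challenge is Nakked, and Success is accepted only after the second MD5-Challenge round.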