November 10, 2003EAP WG, IETF 581 EAP State Machines (draft-ietf-eap-statemachine-01) John Vollbrecht, Pasi Eronen, Nick Petroni, Yoshihiro Ohba.

Slides:



Advertisements
Similar presentations
EAP STATE Machine Proposal
Advertisements

EAP State Machines IETF 56 - March 19, 2003 John Vollbrecht Nick Petroni
IRTF - AAAARCH - RG Authentication Authorisation Accounting ARCHitecture RG chairs: J. Vollbrecht and C. de Laat RFC 2903, 2904, 2905,
Overview of proposed EAP methods, credential types, and uses Pasi Eronen IETF64 EMU BoF November 10 th, 2005.
August 2, 2005EAP WG, IETF 631 EAP-IKEv2 review Pasi Eronen.
TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.
IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
July 15, 2002IETF54 PANA WG1 PANA Usage Scenarios Updates (draft-ietf-pana-usage-scenarios-02.txt) Yoshihiro Ohba Subir Das
March 7, 2005MOBIKE WG, IETF 621 Mobility Protocol Options for IKEv2 (MOPO-IKE) Pasi Eronen.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
Doc: Submission September 2003 Dorothy Stanley (Agere Systems) IETF Liaison Report September 2003 Dorothy Stanley – Agere Systems IEEE.
1 EAP Usage Issues Feb 05 Jari Arkko. 2 Typical EAP Usage PPP authentication Wireless LAN authentication –802.1x and i IKEv2 EAP authentication.
Diameter SIP application IETF 64 Vancouver, 6-11 November, 2005
EAP Key Framework Draft-ietf-eap-keying-01.txt IETF 58 Minneapolis, MN Bernard Aboba Microsoft.
July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
IETF55 AAA WGDiameter C++ API and Open Diameter project 1 Diameter C++ API and Open Diameter Project Yoshihiro Ohba Victor Fajardo Dilip Patel.
Directory Assisted Edge Donald Eastlake, Linda Dunbar Huawei Technologies
March 15, 2005 IETF #62 Minneapolis1 EAP Discovery draft-adrangi-eap-network-discovery-10.txt Farid Adrangi ( )
1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.
EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Yang Shi Qin Wu Zhen Cao
EAP Extensions for EAP Early Authentication Protocol (EEP) Hao Wang, Yang Shi, Tina Tsou.
WG Document Status 192nd IETF TEAS Working Group.
Multrans Path Optimization draft-zhou-mboned-multrans-path-optimization-02 Cathy ZHOU Qiong SUN IETF 84, Vancouver.
November 2005IETF 64, Vancouver, Canada1 EAP-POTP The Protected One-Time Password EAP Method Magnus Nystrom, David Mitton RSA Security, Inc.
802.1X & EAP State Machines (found at: Jim Burns Paul Congdon Nick Petroni John Vollbrecht.
PANA Framework Prakash Jayaraman, Rafa Marin Lopez, Yoshihiro Ohba, Mohan Parthasarathy, Alper Yegin IETF 59.
EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.
IETF78 Multimob Masstricht1 Proposal for Tuning IGMPv3/MLDv2 Protocol Behavior in Wireless and Mobile networks draft-wu-multimob-igmp-mld-tuning-02 Qin.
1 UML Modeling of Spacecraft Onboard Instruments Takahiro Yamada, JAXA/ISAS April 2005.
EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Glen Zorn Qin Wu Zhen Cao.
CSE 8343 State Machines for Extensible Authentication Protocol Peer and Authenticator.
Enabling Binding Update via access authorization Charles Perkins, Basavaraj Patil IETF 82 [netext] WG / Taipei November 16, 2011.
xxx IEEE MEDIA INDEPENDENT HANDOVER DCN: xxx Title: IETF Liaison Report Date Submitted: November 16, 2006 Presented.
2006/7/10IETF66 RADEXT WG1 Pre-authentication AAA Requirements Yoshihiro Ohba Alper Yegin
Washinton D.C., November 2004 IETF 61 st – mip6 WG MIPv6 authorization and configuration based on EAP (draft-giaretta-mip6-authorization-eap-02) Gerardo.
Nov. 9, 2004IETF61 PANA WG PANA Specification Last Call Issues Yoshihiro Ohba, Alper Yegin, Basavaraj Patil, D. Forsberg, Hannes Tschofenig.
RFC 2716bis Wednesday, July 12, 2006 Draft-simon-emu-rfc2716bis-02.txt Dan Simon Bernard Aboba IETF 66, Montreal, Canada.
Minneapolis, March 2005 IETF 62 nd – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena Demaria.
IEEE MEDIA INDEPENDENT HANDOVER Title: An Architecture for Security Optimization During Handovers Date Submitted: September,
IETF69 PANA WG Victor Fajardo, Yoshihiro Ohba and Rafael Marin Lopez PANA State Machine Issue Resolution (draft-ietf-pana-statemachine-05.txt)
August 2, 2005IETF63 EAP WG AAA-Key Derivation with Lower-Layer Parameter Binding (draft-ohba-eap-aaakey-binding-01.txt) Yoshihiro Ohba (Toshiba) Mayumi.
1 Extensible Authentication Protocol (EAP) Working Group IETF-57.
Paris, August 2005 IETF 63 rd – mip6 WG Mobile IPv6 bootstrapping in split scenario (draft-ietf-mip6-bootstrapping-split-00) mip6-boot-sol DT Gerardo Giaretta,
MIP6 RADIUS IETF-72 Update draft-ietf-mip6-radius-05.txt A. LiorBridgewater Systems K. ChowdhuryStarent Networks H. Tschofenig Nokia Siemens Networks.
San Diego, November 2006 IETF 67 th – mip6 WG Goals for AAA-HA interface (draft-ietf-mip6-aaa-ha-goals-03) Gerardo Giaretta Ivano Guardini Elena Demaria.
11/20/2002AAA Agenda- IETF 55 Atlanta1 Authentication, Authorization, Accounting (AAA) WG Chairs: Bernard Aboba Dave Mitton.
August 4, 2004EAP WG, IETF 601 Authenticated service identities for EAP (draft-arkko-eap-service-identity-auth-00) Jari Arkko Pasi Eronen.
Eap STate machinE dEsign teaM (ESTEEM) Draft Team members Bernard Aboba, Jari Arkko, Paul.
11/20/2002IETF 55 - AAA WG, NASREQ-101 Diameter-Nasreq-10 Dave Mitton, Most recent Document Editor With Contributions from David Spence & Glen Zorn.
EAP Applicability IETF-86 Joe Salowey. Open Issues Open Issues with Retransmission and re- authentication Remove text about lack of differentiation in.
CAPWAP Threat Analysis
Pre-authentication Problem Statement (draft-ohba-hokeyp-preauth-ps-00
<draft-ohba-pana-framework-00.txt>
Informing AAA about what lower layer protocol is carrying EAP
Open issues with PANA Protocol
RADEXT WG RADIUS Attributes for WLAN Draft-aboba-radext-wlan-00.txt
EAP State Machines (draft-vollbrecht-eap-state-04.txt,ps)
PANA Issues and Resolutions
EAP-GEE Lakshminath Dondeti Vidya Narayanan
Pre-authentication Overview
ERP extension for EAP Early-authentication Protocol (EEP)
DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
Radius Attribute for MAP draft-jiang-softwire-map-radius-03
Greg Mirsky IETF-99 July 2017, Prague
EAP State Machines IETF 56 - March 19, 2003
IEEE MEDIA INDEPENDENT HANDOVER
Qin Wu Zhen Cao Yang Shi Baohong He
Diameter ABFAB Application
Presentation transcript:

November 10, 2003EAP WG, IETF 581 EAP State Machines (draft-ietf-eap-statemachine-01) John Vollbrecht, Pasi Eronen, Nick Petroni, Yoshihiro Ohba

November 10, 2003EAP WG, IETF 582 Overview State machines for –EAP peer –EAP authenticator Including special cases for passthrough and backend authenticator Goals –Informational, not normative –Make understanding 2284bis easier –Work with 802.1X-REV state machines

November 10, 2003EAP WG, IETF 583 Status Adopted as WG work item at IETF57 Currently in WG last call

November 10, 2003EAP WG, IETF 584 EAP peer No changes since IETF57 (draft-vollbrecht-eap-state-04)

November 10, 2003EAP WG, IETF 585 EAP authenticator “Passthrough method” and “backend adapter” were difficult to understand New approach: three state machines –Standalone –Backend –Full (standalone + passthrough) No “special methods” or “adapters”

November 10, 2003EAP WG, IETF 586 Standalone authenticator No passthrough or AAA issues Peer-visible behavior should comply to this even when passthrough is used Interfaces to –Lower layer (matching 802.1X-REV) –EAP methods

November 10, 2003EAP WG, IETF 587 Backend authenticator Interfaces to –AAA module (RFC3579, Diameter EAP) –EAP methods Differences from standalone –Sends and receives EAP messages via AAA module instead of 1X-REV interface –No retransmissions –First packet can be EAP Response

November 10, 2003EAP WG, IETF 588 Full authenticator Standalone with a passthrough ”switch” Interfaces to –Lower layer (matching 802.1X-REV) –EAP methods (when not in passthrough mode) –AAA module (when in passthrough mode)

November 10, 2003EAP WG, IETF 589 Full & backend Full & backend Lower layer Full authenticator EAP method Backend authenticator AAA AAA interface Lower layer if Method interface AAA EAP method

November 10, 2003EAP WG, IETF 5810 Full authenticator Diagram split to two pages –1 st page: standalone authenticator + one transition for passthrough switch –2 nd page: passthrough mode Single transition from page 1 to 2 –…so the split should not make reading more difficult? –…easy to see what a “passthrough-only” authenticator does?

November 10, 2003EAP WG, IETF 5811 Next steps Handle issues from WG last call Publish as Informational

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.