EAP-PSK will soon become RFC

Good news for Florent and myself: EAP-PSK will soon become RFC since it passed AUTH48. Take a look at the document: ftp://ftp.rfc-editor.org/in-notes/authors/rfc4764.txt
(Btw, the first version of the draft was submitted in January 2004.)


For those who haven’t followed the Extensible Authentication Protocol (EAP) work here is a short summary: EAP-PSK offers a secure EAP method replacement for EAP-MD5. It is a secure pre-shared-based authentication and key exchange protocol primarily used for network access authentication. With the EAP enhancements to TLS it is also useful for other usage environments, including SSL/TLS based VPNs and any applications.


 

Another interesting proposal that is being developed right now is EAP-GPSK, a Standards Track EAP method, that shares the design goals as EAP-PSK. EAP-GPSK is being developed in the EMU working group, see http://www.ietf.org/html.charters/emu-charter.html

Leave a Reply

Your email address will not be published. Required fields are marked *