RFC 5998

An Extension for EAP-Only Authentication in IKEv2, September 2010

Canonical URL:
https://www.rfc-editor.org/rfc/rfc5998.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Updates:
RFC 5996
Authors:
P. Eronen
H. Tschofenig
Y. Sheffer
Stream:
IETF
Source:
ipsecme (sec)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC5998

Discuss this RFC: Send questions or comments to ipsec@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

IKEv2 specifies that Extensible Authentication Protocol (EAP) authentication must be used together with responder authentication based on public key signatures. This is necessary with old EAP methods that provide only unilateral authentication using, e.g., one- time passwords or token cards. This document specifies how EAP methods that provide mutual authentication and key agreement can be used to provide extensible responder authentication for IKEv2 based on methods other than public key signatures. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×