RFC 8940

Extensible Authentication Protocol (EAP) Session-Id Derivation for EAP Subscriber Identity Module (EAP-SIM), EAP Authentication and Key Agreement (EAP-AKA), and Protected EAP (PEAP), October 2020

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Status:
PROPOSED STANDARD
Updates:
RFC 5247
Author:
A. DeKok
Stream:
IETF
Source:
emu (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC8940

Discuss this RFC: Send questions or comments to emu@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

RFC 5247 is updated to define and clarify EAP Session-Id derivation for multiple Extensible Authentication Protocol (EAP) methods. The derivation of Session-Id was not given for EAP Subscriber Identity Module (EAP-SIM) or EAP Authentication and Key Agreement (EAP-AKA) when using the fast reconnect exchange instead of full authentication. The derivation of Session-Id for full authentication is clarified for both EAP-SIM and EAP-AKA. The derivation of Session-Id for Protected EAP (PEAP) is also given. The definition for PEAP follows the definition for other TLS-based EAP methods.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader