RFC 9427

TLS-Based Extensible Authentication Protocol (EAP) Types for Use with TLS 1.3, June 2023

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Also available: XML file for editing
RFC 4851, RFC 5281, RFC 7170
A. DeKok
emu (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9427

Discuss this RFC: Send questions or comments to the mailing list emu@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9427


The Extensible Authentication Protocol-TLS (EAP-TLS) (RFC 5216) has been updated for TLS 1.3 in RFC 9190. Many other EAP Types also depend on TLS, such as EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) (RFC 4851), EAP-Tunneled TLS (EAP-TTLS) (RFC 5281), the Tunnel Extensible Authentication Protocol (TEAP) (RFC 7170). It is possible that many vendor-specific EAP methods, such as the Protected Extensible Authentication Protocol (PEAP), depend on TLS as well. This document updates those methods in order to use the new key derivation methods available in TLS 1.3. Additional changes necessitated by TLS 1.3 are also discussed.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search