EAP Peer Credential Protection
Actual EAP methods provide authentication services based on the use of certificates, secret keys or passwords. These methods, excepting the tunneling ones, exchange peer identity in clear text. Moreover, some of these methods do not enable the ability to exchange channel binding information. They do not, however, define a common encoding of the credential protection or of the channel binding or of. This document defines AVPs to securely exchange data related to the peer identity, when an EAP method deriving keys is deployed.