Extensible Authentication Protocol: Difference between revisions

EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor -specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each protocol that uses EAP defines a way to encapsulate by the user EAP messages within that protocol's messages.

EAP is an authentication framework, not a specific authentication mechanism.<ref name="rfc3748_sec1">RFC 3748, § 1</ref> It provides some common functions and negotiation of authentication methods called EAP methods. There are currently about 40 different methods defined. Methods defined in [[IETF]] RFCs include EAP-MD5, EAP-POTP, EAP-GTC, EAP-TLS, EAP-IKEv2, EAP-SIM, EAP-AKA, and EAP-AKA'. Additionally, a number of vendor-specific methods and new proposals exist. Commonly used modern methods capable of operating in wireless networks include EAP-TLS, EAP-SIM, EAP-AKA, [[Lightweight Extensible Authentication Protocol|LEAP]] and EAP-TTLS. Requirements for EAP methods used in wireless LAN authentication are described in RFC 4017. The list of type and packets codes used in EAP is available from the IANA EAP Registry.<ref>{{Cite web|title=Extensible Authentication Protocol (EAP) Registry|url=https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml|access-date=2021-06-01|website=www.iana.org}}</ref>