Revision as of 03:13, 22 October 2007 edit WaffleMonster (talk \| contribs) 25 edits →PEAPv1/EAP-GTC ← Previous edit		Revision as of 04:32, 27 January 2008 edit undo 128.196.164.121 (talk) the cert authenticates the server - not the client. the client auth occurs within the tunnel. Next edit →
Line 3: '''Protected [[Extensible Authentication Protocol]]''', '''Protected EAP''', or simply '''PEAP''' (pronounced ''"peep"''), is a method to securely transmit [[authentication]] information, including [[password]]s, over wired or [[wireless LAN\|wireless network]]s. It was jointly developed by [[Cisco Systems]], [[Microsoft]], and [[RSA Security]]. Note that '''PEAP''' is not an encryption protocol; as with other [[Extensible Authentication Protocol\|EAP]] types it only authenticates a client into a network. PEAP uses ~~only~~ [[server-side]] [[public key certificate]]s to authenticate ~~clients~~the byserver. It then ~~creating~~creates an [[encryption\|encrypted]] [[Secure Sockets Layer\|SSL]]/[[Transport Layer Security\|TLS]] [[Tunneling protocol\|tunnel]] between the client and the authentication server. The ensuing exchange of authentication information to authenticate the client is then encrypted and user credentials are safe from eavesdropping. PEAP is a joint proposal by [[Cisco Systems]], [[Microsoft]] and [[RSA Security]] as an open standard. It is already widely available in products, and provides very good security. It is similar in design to [[EAP-TTLS]], requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication.

Protected Extensible Authentication Protocol: Difference between revisions