Carlson Sun H. Levkowetz, Ed.

Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This document defines the Extensible Authentication Protocol (EAP), an authentication framework which supports multiple authentication methods. EAP provides its own support for duplicate elimination and retransmission, but is reliant on lower layer ordering guarantees.
Published (Last): 4 January 2011
It represents the consensus of the IETF community. All rights reserved. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Requirements Language
Security Considerations
Normative References
Informative References

While some of the reasons for the recommendation against usage of EAP for bulk data transport are still valid, some of the other provisions in the applicability statement have turned out to be too narrow.
Section 2 describes the example where EAP is used to authenticate application-layer access. Section 3 provides new text to update Section 1.

Requirements Language

In this document, several words are used to signify the requirements of the specification.
Without channel bindings, a peer cannot verify if an authenticator is authorized to provide an advertised service. Application services might have different properties.
Consider an environment with multiple printers, some of which provide a confidential service to output documents to a controlled location. If a peer sent a document to the wrong service, then potentially sensitive information might be printed in an uncontrolled location and be disclosed.
In addition, it might be more likely that a low-value service is compromised than some high-value service. If the high-value service could be impersonated by a low-value service, then the security of the overall system would be limited by the security of the lower-value service. This concern is particularly acute in a federated environment where multiple organizations are involved.
It is very likely that these organizations will have different security policies and practices. It is very likely that the goals of these organizations will not entirely be aligned. In many situations, one organization could gain value by being able to impersonate another. In this environment, authenticating the EAP server is insufficient: the peer must also validate that the contacted host is authorized to provide the requested service.
The EAP server MUST require that either the correct EAP lower-layer attribute or another attribute indicating the purpose of the authentication be present in the channel binding data for application authentication. One potentially serious attack exists when channel binding is not required and EAP authentication is introduced into an existing service other than network access.
A device can be created that impersonates a Network Access Service (NAS) to peers, but actually proxies the authentication to the new application service that accepts EAP authentications.
This may decrease the security of this service even for users who previously used non-EAP means of authentication to the service. Failing to validate the possession of the EAP MSK can allow an attacker to insert himself into the conversation and impersonate the peer or authenticator.
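The server-side check described above, as an added example that is not part of either RFC: a simplified EAP server compares the channel binding data the peer sent through the method's protected channel with what the authenticator asserted, then confirms the contacted host is authorized for the requested service. The attribute names, the lower-layer labels and the authorization table are constructed for illustration (RFC 6677 defines the real attribute encoding).

```python
# Added example, not from RFC 3748 or RFC 7057: a simplified EAP-server-side
# channel binding check for application authentication. Attribute names,
# lower-layer labels and the authorization table are constructed.

# Hypothetical values for the EAP lower-layer attribute.
LOWER_LAYER_NETWORK_ACCESS = "network-access"
LOWER_LAYER_APPLICATION = "application"

# Constructed policy: which host is authorized to provide which service.
AUTHORIZED_SERVICES = {
    "printer-secure.example": {"print-confidential"},
    "printer-lobby.example": {"print-public"},
}

def validate_channel_binding(peer_cb, authenticator_cb, authz=AUTHORIZED_SERVICES):
    """Return (ok, reason).

    peer_cb: attributes describing the service the peer believes it contacted,
             carried to the EAP server inside the method's protected channel.
    authenticator_cb: the same attributes as asserted by the authenticator
             (for example in AAA attributes); the authenticator sees these but
             must not be able to alter what the peer sent.
    """
    # 1. Application authentication MUST carry the lower-layer attribute or
    #    another attribute stating the purpose; refuse to proceed without it.
    if "lower_layer" not in peer_cb and "purpose" not in peer_cb:
        return False, "missing lower-layer/purpose attribute"
    # 2. Every attribute the peer reported must agree with what the
    #    authenticator asserted. A device that shows a NAS to the peer but
    #    proxies the exchange to an application service fails here.
    for key, peer_value in peer_cb.items():
        if authenticator_cb.get(key) != peer_value:
            return False, f"mismatch on {key}: peer={peer_value!r} authenticator={authenticator_cb.get(key)!r}"
    # 3. Authenticating the server is not enough: the contacted host must be
    #    authorized to provide the requested service (the printer example).
    host, service = peer_cb.get("service_host"), peer_cb.get("service_name")
    if service not in authz.get(host, set()):
        return False, f"{host!r} is not authorized to provide {service!r}"
    return True, "channel binding validated"
```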
In addition, the application should define channel binding attributes that are sufficient to validate that the application service is being correctly represented to the peer.

Retransmission

In EAP, the authenticator is responsible for retransmission. By default, EAP assumes that the lower layer (the application, in this context) is unreliable. The authenticator can send a packet whenever its retransmission timer triggers. In this mode, applications need to be able to receive and process EAP messages at any time during the authentication conversation.
Alternatively, EAP permits a lower layer to set the retransmission timer to infinite. When this happens, the lower layer becomes responsible for reliable delivery of EAP messages. Applications that use a lock-step or client-driven authentication protocol might benefit from this approach. In addition to retransmission behavior, applications need to deal with discarded EAP messages. For example, whenever some EAP methods receive erroneous input, these methods discard the input rather than generating an error response.
If the erroneous input was generated by an attacker, legitimate input can sometimes be received after the erroneous input. Applications MUST handle discarded EAP messages, although the specific way in which discarded messages will be handled depends on the characteristics of the application.
Options include failing the authentication at the application level, requesting an EAP retransmit and waiting for additional EAP input.
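The discard-handling options just listed, as an added example that is not part of either RFC: a peer-side application wrapper feeds EAP requests to a method that silently discards erroneous input, keys duplicate elimination on the EAP Identifier, and applies a configurable policy (fail, request a retransmit, or wait) with a bound on consecutive discards. The request shape, the toy method and the policy names are constructed.

```python
# Added example, not from RFC 3748 or RFC 7057: a peer-side application
# wrapper around an EAP method that may silently discard erroneous input.
# EapRequest, toy_method and the policy names are constructed.
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class EapRequest:
    identifier: int   # EAP Identifier field; duplicate elimination keys on it
    payload: bytes

@dataclass
class PeerEapTransport:
    method: Callable[[bytes], Optional[bytes]]  # None means the input was discarded
    discard_policy: str = "wait"                # "wait", "retransmit" or "fail"
    max_discards: int = 3                       # bound on consecutive discards
    last_identifier: Optional[int] = None
    discards: int = 0
    outbox: list = field(default_factory=list)  # responses handed to the lower layer

    def deliver(self, req: EapRequest) -> str:
        # A repeated Identifier is a retransmission by the authenticator:
        # EAP's own duplicate elimination means nothing new is answered.
        if req.identifier == self.last_identifier:
            return "duplicate"
        response = self.method(req.payload)
        if response is None:
            # The method discarded the input without an error response. Do not
            # remember the Identifier: if this input was attacker-injected, the
            # legitimate request with the same Identifier may still arrive.
            self.discards += 1
            if self.discard_policy == "fail" or self.discards > self.max_discards:
                return "fail"                   # fail at the application level
            if self.discard_policy == "retransmit":
                return "retransmit-requested"   # ask the authenticator to resend
            return "waiting"                    # wait for additional EAP input
        self.discards = 0
        self.last_identifier = req.identifier
        self.outbox.append(response)
        return "responded"

def toy_method(payload: bytes) -> Optional[bytes]:
    """Constructed stand-in for an EAP method: accepts well-formed input
    (prefix b'OK') and silently discards anything else."""
    return b"resp:" + payload[2:] if payload.startswith(b"OK") else None
```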
Application designers that incorporate EAP into their application need to determine how retransmission and message discards are handled.

Re-authentication

Re-authentication permits security associations to be updated without establishing a new session. For network access, this can be important because interrupting network access can disrupt connections and media. Some applications might not need re-authentication support.
For example, if sessions are relatively short-lived or if sessions can be replaced without significant disruption, re-authentication might not provide value. Re-authentication is likely to be valuable if sessions or connections are long-lived or if there is a significant cost to disrupting them. Another factor may make re-authentication important. Some protocols only permit one party in a protocol (for example, the client) to establish a new connection.
If another party in the protocol needs the security association refreshed, then re-authentication can provide a mechanism to do so. Application designers need to determine whether re-authentication support is needed and which parties can initiate it. In addition, the application MUST define channel binding attributes that are sufficient to validate that the application service is being correctly represented to the peer.
Application protocols vary, so their specific behavior and transport characteristics need to be considered when determining their retransmission and re-authentication behavior.
Security Considerations

In addition to the requirements discussed in the main sections of the document, applications should take into account how server authentication is achieved.
Some deployments may allow for weak server authentication that is then validated with an additional existing exchange that provides mutual authentication. When doing channel binding, it is REQUIRED that the authenticator is not able to modify the channel binding data passed between the peer and the authenticator as part of the authentication process.
Acknowledgements

Large amounts of helpful text and insightful thoughts were contributed by Sam Hartman, Painless Security. David Black contributed to the text clarifying channel bindings usage.