{"draft":"draft-ietf-ipsecme-eap-mutual-05","doc_id":"RFC5998","title":"An Extension for EAP-Only Authentication in IKEv2","authors":["P. Eronen","H. Tschofenig","Y. Sheffer"],"format":["ASCII","HTML"],"page_count":"16","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"IP Security Maintenance and Extensions","abstract":"IKEv2 specifies that Extensible Authentication Protocol (EAP)\r\nauthentication must be used together with responder authentication\r\nbased on public key signatures.  This is necessary with old EAP\r\nmethods that provide only unilateral authentication using, e.g., one-\r\ntime passwords or token cards.\r\n\r\nThis document specifies how EAP methods that provide mutual\r\nauthentication and key agreement can be used to provide extensible\r\nresponder authentication for IKEv2 based on methods other than public\r\nkey signatures.  [STANDARDS-TRACK]","pub_date":"September 2010","keywords":["[--------]","mutual authentication","password","credentials","AAA","key agreement","channel binding"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC5996"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5998","errata_url":null}