eap Mailing List

View Index by: Date - Thread - Author
Re: EAP pre-authentication, EAP re-authentication, etc.
From: Bernard Aboba (bernard_abobahotmail.com)
Date: Sat, 23 Sep 2006 04:29:11 -0700 (PDT)
Actually, I looked through the framework document, and found the following definition of EAP pre-authentication in Section 4:

EAP pre-authentication.  This utilizes EAP to pre-establish EAP
    keying material on an authenticator prior to arrival of the peer.

So how about this for the defintiion:

EAP pre-authentication
The utilization of EAP to pre-establish EAP keying material on an authenticator prior to arrival of the peer.


From: "Bernard Aboba" <bernard_aboba [at] hotmail.com>
To: yohba [at] tari.toshiba.com, eap [at] frascone.com
Subject: Re: [eap] EAP pre-authentication, EAP re-authentication, etc.
Date: Sat, 23 Sep 2006 04:22:43 -0700

In looking through the EAP Key Management Framework document, the term "EAP
pre-authentication" is used in most cases; however, there are situations in
which the term "pre-authentication" is used, when referring to EAP
pre-authentication.  For the sake of clarity, I think it makes sense to
change all uses to "EAP pre-authentication" as well as to define this term
in the document.

How about this?

EAP pre-authentication
The use of EAP for the purposes of authenticating to a new authenticator
while connected to a current authenticator.

The term "EAP re-authentication" is also used in the document, as is
"re-authentication".  I would propose that all uses be described as "EAP
re-authentication", and that this term also be defined.  How about this?

EAP re-authentication
The use of EAP to authenticate again to an authenticator to which the peer
is connected.

Within the document, the term "re-key" is used if talking about the same
authenticator; I don't believe that the use of the term "re-authentication"
is used anywhere in the document (or in IEEE 802.11i for that matter)
referring to this situation.  I believe IEEE 802.11r uses the term "fast
transition" when moving between two authenticators.





>From: Yoshihiro Ohba <yohba [at] tari.toshiba.com>
>To: eap [at] frascone.com
>Subject: [eap] EAP pre-authentication, EAP re-authentication, etc.
>Date: Fri, 22 Sep 2006 13:39:42 -0400
>
>I have a couple of terminology questions.
>
>- When the term "pre-authentication" is used solely (instead of "EAP
>pre-authentication"), does it mean EAP pre-authentication or something
>else?
>
>- The term "EAP re-authentication" is used without being defined.  It
>may be good to define it.
>
>- If re-keying is optimized such that EAP run is not required in its
>signaling (but AAA interaction is needed), how should we call such a
>scheme, re-authentication, non-EAP re-authentication, fast
>re-authentication, etc.?
>
>Yoshihiro Ohba
>
>
>_________________________________________________________________
>To unsubscribe or modify your subscription options, please visit:
>http://lists.frascone.com/mailman/listinfo/eap
>
>Arhives: http://lists.frascone.com/pipermail/eap


_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/eap

Arhives: http://lists.frascone.com/pipermail/eap


Results generated by Tiger Technologies using MHonArc.