

<?xml version="1.0" encoding="US-ASCII"?>
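<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!-- Bibliographic references are pulled in as external entities. Rendering
     this file therefore requires a parser with DTD processing and external
     entity resolution enabled, and the URLs below use plain http, so the
     fetched reference content is not integrity-protected in transit.
     Process this file only with a trusted xml2rfc toolchain (preferably
     against a locally cached copy of the reference files); any other
     consumer should keep external entity resolution disabled. -->
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!-- rfc3748 is referenced under "Normative References" below; without this
     declaration the entity reference cannot be resolved. -->
<!ENTITY rfc3748 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3748.xml">
<!ENTITY rfc4017 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4017.xml">
<!ENTITY rfc4346 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4346.xml">
<!ENTITY rfc4347 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4347.xml">
<!ENTITY rfc4106 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4106.xml">
<!ENTITY ietf-tls-rfc4346-bis SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-tls-rfc4346-bis.xml">
<!ENTITY ietf-eap-keying SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-eap-keying.xml">
<!ENTITY rescorla-tls-suiteb SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.rescorla-tls-suiteb.xml">
<!ENTITY rfc5116 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5116.xml">

]>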
<?rfc toc="yes"?>
<?rfc tocompact="no"?>
<?rfc tocdepth="6"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes"?>
<rfc ipr="full3978" category="info" docName="draft-salowey-emu-eaptunnel-req-00.txt">
	<front>
		<title abbrev="EAP Tunnel Method Requirements Outline">Outline for Requirements for an EAP Tunnel Based Method</title>
		<author fullname="Joseph Salowey" initials="J" surname="Salowey">
			<organization> Cisco Systems, Inc. </organization>
			<address>
				<postal>
					<street>2901 3rd. Ave</street>
					<city>Seattle</city>
					<code>98121</code>
					<region>WA</region>
					<country>USA</country>
				</postal>
				<email> jsalowey@cisco.com </email>
			</address>
		</author>
	
		<date month="February" year="2008"/>
		<area> Security Area </area>
		<workgroup> EMU Working Group </workgroup>
		<abstract>
			<t> This memo provides an outline for the requirements for a Tunnel Extensible Authentication Protocol (EAP) Method.   This method will use Transport Layer Security (TLS) to establish a tunnel.  The tunnel will support password authentication, EAP authentication and the transport of additional data for other purposes.  
</t>
		</abstract>

	</front>
	<middle>

		<section title="Introduction">
						
		</section>
		<section title="Conventions Used In This Document">
		<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in <xref target="RFC2119"></xref>.</t>
		</section>
<section title="Requirements" anchor="reqs">
  <section title="General Requirements">
   <section title="RFC Compliance">
    <t>- RFC 3748 (incl. security properties), RFC 4017, EAP Keying, crypto agility</t>
   </section>
   <section title="Draw from existing work">
    <t> EAP-TLS, EAP-TTLS, EAP-FAST, PEAP </t>
   </section>
   <section title="Use cases"> 
    <section title="Password authentication" />
    <section title="Chained EAP Methods" />
    <section title="Identity Protection" />
    <section title="Emergency Services Authentication" />
    <section title="Network Endpoint Assessment" />
    <section title="Credential Provisioning/Enrollment" />
    <section title="Resource Constrained Environments">
    <t> Define Resource Constrained </t>
    </section>
   </section>
  </section>
<section title="Tunnel Establishment Requirements">
  <section title="TLS Requirements">
    <section title="Ciphersuites" />
    <section title="TLS Extensions (OCSP, server name?, channel binding?)" />
    <section title="Client Authentication and Identity Privacy" />
    <section title="Session Resumption" />
  </section>
  <section title="Fragmentation" />
  <section title="EAP Header Protection" />
  <section title="Privacy and EAP Identity" />
  <section title="Additional Signaling" />
</section>
<section title="Tunnel Payload Requirements">
  <section title="Extensible Data Types" />
  <section title="Request/Challenge Response Operation" />
  <section title="Mandatory and Optional Attributes" />
  <section title="Vendor Specific Support" />
  <section title="Result Indication" />
</section>
<section title="Channel Binding Requirements">
  <section title="Definition" />
  <section title="Directionality"/>
  <section title="Data Types" />
</section>

<section title="Requirements Associated with Carrying Usernames and Passwords">
  <section title="Security">
    <section title="Confidentiality and Integrity" />
    <section title="Authentication of Server" />
    <section title="Credential Validation (revocation validation)" />
  </section>
  <section title="Internationalization" >
    <section title="Username" />
    <section title="Passwords" />
  </section>
  <section title="Meta-data" >
    <t>Machine vs. User Authentication </t>
  </section>
  <section title="Password Change" />
</section>

<section title="Requirements Associated with Carrying EAP Methods">
    <section title="Method Negotiation" />
    <section title="Method Chaining" />
    <section title="Cryptographic Binding with TLS Channel" />
    <section title="Compound Keys" />
    <section title="Intermediate Results" />
    <section title="Client Initiated" />
    <section title="Method meta-data" >
      <t>request specific credentials </t>
    </section>
</section>

  </section>
<section title="IANA Considerations">
  <t>This document has no IANA considerations.</t>
</section>

		<section anchor="Security" title="Security Considerations">
		</section>

		
	</middle>
	<back>
		<references title="Normative References">
			
		&ietf-tls-rfc4346-bis;
		&rfc2119;
		&rfc3748;
		&ietf-eap-keying;
		
		</references>
		<references title="Informative References">	
		 &rfc4017;
			
		</references>
	</back>
</rfc>
