Browse Prior Art Database

Certificate Extensions and Attributes Supporting Authentication in Point-to-Point Protocol (PPP) and Wireless Local Area Networks (WLAN) (RFC3770)

IP.com Disclosure Number: IPCOM000028613D
Original Publication Date: 2004-May-01
Included in the Prior Art Database: 2004-May-25
Document File: 10 page(s) / 19K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Housley: AUTHOR [+2]

Abstract

This document defines two EAP extended key usage values and a public key certificate extension to carry Wireless LAN (WLAN) System Service identifiers (SSIDs).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 15% of the total text.

Network Working Group                                         R. Housley

Request for Comments: 3770                                Vigil Security

Category: Standards Track                                       T. Moore

                                                               Microsoft

                                                                May 2004

           Certificate Extensions and Attributes Supporting

            Authentication in Point-to-Point Protocol (PPP)

                and Wireless Local Area Networks (WLAN)

Status of this Memo

   This document specifies an Internet standards track protocol for the

   Internet community, and requests discussion and suggestions for

   improvements.  Please refer to the current edition of the "Internet

   Official Protocol Standards" (STD 1) for the standardization state

   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   This document defines two EAP extended key usage values and a public

   key certificate extension to carry Wireless LAN (WLAN) System Service

   identifiers (SSIDs).

1.  Introduction

   Several Extensible Authentication Protocol (EAP) [EAP] authentication

   methods employ X.509 public key certificates.  For example, EAP-TLS

   [EAP-TLS] can be used with PPP [PPP] as well as IEEE 802.1X [802.1X].

   PPP is used for dial-up and VPN environments.  IEEE 802.1X defines

   port-based, network access control, and it is used to provide

   authenticated network access for Ethernet, Token Ring, and Wireless

   LANs (WLANs) [802.11].

   Automated selection of certificates for PPP and IEEE 802.1X clients

   is highly desirable.  By using certificate extensions to identify the

   intended environment for a particular certificate, the need for user

   input is minimized.  Further, the certificate extensions facilitate

   the separation of administrative functions associated with

   certificates used for different environments.

Housley & Moore             Standards Track                     [Page 1]

RFC 3770                      PPP and WLAN                      May 2004

   IEEE 802.1X can be used for authentication with multiple networks.

   For example, the same wireless station might use IEEE 802.1X to

   authenticate to a corporate IEEE 802.11 WLAN and a public IEEE 802.11

   "hotspot."  Each of these IEEE 802.11 WLANs has a different network

   name, called Service Set Identifier (SSID).  If the network operators

   have a roaming agreement, then cross realm...