Here is a list of requirements that were discussed at the Prague meeting for a password-based method:
1. Transport of encrypted password for support of legacy password databases (REQUIRED)
2. Mutual authentication (specifically authentication of the server) (REQUIRED)
3. Resistance to offline dictionary attacks, man-in-the-middle attacks (REQUIRED)
4. Compliance with RFC 3748, RFC 4017 and EAP keying (including EMSK and MSK generation) (REQUIRED)
5. Peer identity confidentiality (REQUIRED)
6. Crypto agility and ciphersuite negotiation (REQUIRED)
7. Session resumption (no password needed) (REQUIRED)
8. Fragmentation and reassembly (REQUIRED)
9. Cryptographic binding (REQUIRED if additional inner mechanisms are supported)
10. Password/PIN change (DESIRABLE)
11. Transport Channel binding data (REQUIRED)
12. Protected result indication (REQUIRED)
13. Support for certificate validation protocols (DESIRABLE)
14. Extension mechanism (in support of 10 - 12) (REQUIRED)

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu