Hi,
Pasi asked that we propose a charter item for password-based authentication,
so here's a first shot, for your review.
Thanks,
Yaron
The working group will develop a single standards-track EAP method for
authenticating users using short, memorable passwords but with no use of
public key certificates. The protocol should be secure against both passive
and active attackers, specifically it should not be vulnerable to dictionary
attacks in both of these attack scenarios. Possible starting points for this
work are <EAP-EKE>, <EAP-PWD> and the expired <EAP-SRP>. The document should
include a requirements section, copying "by value" the relevant subset of
<tunnel requirements>, but not having normative dependence on that draft.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
