There have been a lot of proposals about EAP and authorization in the
past. At its very basis EAP performs authentication at the time of
service access and the data resulting from the authentication can then
be used for authorization and accounting purposes. Some of the
proposals attempt to enhan
There have been a lot of proposals about EAP and authorization in the
past. At its very basis EAP performs authentication at the time of
service access and the data resulting from the authentication can then
be used for authorization and accounting purposes. Some of the
proposals attempt to enhan
The core chartered requirements also include the use of the tunnel
method for password authentication, so it is important to consider this
case.
In addition, there is a proposal for defining conventions for defining
generic textual attributes within the tunnel. I think the main
advantage of do
Within Tunnel methods, exchanges of user names and passwords are often
accomplished either
using TLS or existing EAP methods (e.g. Identity or inner authentication
methods). There are
some tunnel methods that have their own native authentication methods (e.g.
EAP-TTLSv0), but
even those typic
Joseph Salowey (jsalowey) wrote:
> There are other ways in which EAP has proposed authorization
> enhancements. Other proposals have dealt with requesting authorizations
> for or providing authorization data to services other than the one that
> is performing the authentication. In addition propo
