(Logo Tech-invite)  

a Portal devoted to SIP and Security technologies

   (World Map)    
    Search Home Site Map Contact
 SIP/IMS Standardization
> IETF Standardization Process
> RFCs related to SIP (4 p.) o
> SIP-SIPPING-SIMPLE... I-Ds (22 p.) o
> Audio-Video Transport RFCs (2 p.)
> 3GPP Specifications (12 p.)
> OMA Specifications related to SIP
> TISPAN NGN Specifications (3 p.) o
> SIP Topics
> IMS Topics
 SIP/IMS Call Flows
> RFC3261's Example
> Basic -- RFC3665
> SIP PSTN -- RFC3666 (3 p.)
> SIP Service Examples (19 p.)
> IMS Signaling Flows (35 p.)
 SIP/IMS Architecture
> SIP Protocol Structure
> Dialogs & Routing
> UMTS Network Evolution
 Security
> PKIX-TLS-SMIME... Standards (20 p.) o
> Cryptography Basics
> ASN.1 for PKI Certificate & CRL Profile
> ASN.1 for CMS
> RFC3280's Certificate Examples (4)
> RFC4134's CMS-S/MIME Examples (14)
> RFC4474's SIP Authentication Service
> SSL/TLS Time-Diagrams
> IPSec Guides
 ABNF Grammars
> ABNF Notation & Rules
> URI Generic Syntax
> ABNF for SIP
> SIP Messages & URIs
> SIP Header Fields
> MIME Media Types
> ABNF for SDP
> ABNF for MSRP
> ABNF for MRCPv2
> ABNF for RTSP 2.0
> Internet Message Format
 DiffServ CoS Simulation
> IPVCoSS Simulator
> IP-VPN Case Study
  o (daily updated)
> I-D Tracker States   Security (SEC) area
  > PKIXwg   > TLSwg   > SMIMEwg   > [IPSECwg]   > [SECSHwg]   > BTNSwg   > DKIMwg
  > EMUwg   > HOKEYwg   > ISMSwg   > KEYPROVwg   > KITTENwg   > KRBwg   > LTANSwg
  > MSECwg   > NEAwg   > SASLwg   > SYSLOGwg   > Miscellaneous    
> RAI Area's WGs > SEC Area's WGs > Miscellaneous WGs  

Chairs:

Alan DeKok
Joseph Salowey
 

Useful Links:

tools.ietf.org/wg/emu
EMU mail-archive

 

RFCs & Drafts related to
EMU working group:


Chicago IETF-69 minutes
Vancouver IETF-70 minutes
Philadelphia IETF-71 minutes
WG-EMU
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

List of Drafts

EMU working group

Last Update: May 10, 2008 -- Color Legend: RFC Editor Queue / Processed by IESG / ID Exists / Recently Expired -- Each I-D name is a link to an I-D description, which points to a text version, a two-page and fit-in-window PDF version, as well as the IETF Tools' HTML version.
 
# ietf-emu-eap-gpsk
# clancy-emu-aaapay
# clancy-emu-chbind
# harkins-emu-eap-pwd
# salowey-emu-eaptunnel-req
# zhou-emu-fast-gtc
  
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

List of RFCs

EMU working group

 
RFC 5216 (simon-emu-rfc2716bis)
 
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg

Charter

EMU working group

The charter of the EMU working group is reported below.
The Extensible Authentication Protocol (EAP) [RFC 3748] is a network access authentication framework used in the PPP, 802.11, 802.16, VPN, PANA, and in some functions in 3G networks. EAP itself is a simple protocol and actual authentication happens in EAP methods.

Over 40 different EAP methods exist. Most of this methods are proprietary methods and only a few methods are documented in RFCs. The lack of documented, open specifications is a deployment and interoperability problem. In addition, none of the EAP methods in the standards track implement features such as key derivation that are required for many modern applications. This poses a problem for, among other things, the selection of a mandatory to implement EAP method in new network access technologies. For example, no standards track methods meet new requirements such as those posed in RFC 4017, which documents IEEE 802.11 requirements for EAP methods.

This group is chartered to work on the following types of mechanisms to meet RFC 3748 and RFC 4017 requirements:

- An update to RFC 2716 to bring EAP-TLS into standards track, clarify specification, interoperability, and implementation issues gathered over the years, and update the document to meet the requirements of RFC 3748, RFC 4017, and EAP keying framework documents. Backwards compatibility with RFC 2716 is a requirement.

- Enhanced functionality to enable a TLS-based EAP method to support authentication methods beyond certificates, channel bindings and other optional functions required in RFC 4017. So as to enable RFC 2716bis to focus solely on clarifications to the existing protocol, this effort will be handled in a separate document. Depending on an analysis of the behavior of existing implementations, it is possible that this effort may be able to use the existing EAP-TLS type code, or it may need to be handled via assignment of a new EAP Type Code.

- A mechanism based on strong shared secrets that meets RFC 3748 and RFC 4017 requirements. This mechanism should strive to be simple and compact for implementation in resource constrained environments.

- A mechanism meeting RFC 3748 and RFC 4017 requirements that makes use of existing password databases such as AAA databases. The implementation should strive to be usable in resource constrained environments.

n order to facilitate the development of the shared secret and password based methods design teams will be formed. The design teams should take into consideration existing methods including mechanisms based on EAP-TLS such as TLS-PSK.
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

Published RFCs

EMU working group

RFC5216
03/2008
(34 p.)
[html]
[pdf(2)]		 D. Simon
B. Aboba
R. Hurst
The EAP-TLS Authentication Protocol
The Extensible Authentication Protocol (EAP), defined in RFC 3748, provides support for multiple authentication methods. Transport Layer Security (TLS) provides for mutual authentication, integrity- protected ciphersuite negotiation, and key exchange between two endpoints. This document defines EAP-TLS, which includes support for certificate-based mutual authentication and key derivation.

This document obsoletes RFC 2716. A summary of the changes between this document and RFC 2716 is available in Appendix A.
Up  List Status:Informational  
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

Drafts in the RFC Editor Queue

EMU working group

-
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

Drafts currently processed by the IESG

EMU working group

emu-eap-gpsk-08
AD Evaluation::
Revised ID Needed
Dec 4, 2007
(37 p.)
[pdf(2)] [html] 		T. Clancy
H. Tschofenig
EAP Generalized Pre-Shared Key (EAP-GPSK)
This Internet Draft defines an Extensible Authentication Protocol method called EAP Generalized Pre-Shared Key (EAP-GPSK). This method is a lightweight shared-key authentication protocol supporting mutual authentication and key derivation.
Up  List Intended Status:Proposed Standard
zhou-emu-
fast-gtc-03
Publication Requested
Apr 4, 2008
(12 p.)
[pdf(2)] [html] 		N. Cam-Winget
H. Zhou
Basic Password Exchange within the Flexible Authentication via Secure Tunneling Extensible Authentication Protocol (EAP-FAST)
The flexible authentication via secure tunneling EAP method (EAP- FAST) enables secure communication between a peer and a server by using Transport Layer Security (TLS) to establish a mutually authenticated tunnel. Within this tunnel a basic password exchange, based on the generic token card method (EAP-GTC), may be executed to authenticate the peer.
Up  List Intended Status:Informational
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

Active IETF Drafts

EMU working group

-
Security (SEC) area
Top I-D List RFC List Charter Published RFCs
  IDs in RFC Ed Queue IDs Processed by IESG IETF: ID Exists Individual: ID Exists
## PKIXwg ## TLSwg ## SMIMEwg ## IPSECwg ## SECSHwg ## BTNSwg ## DKIMwg ## EMUwg ## HOKEYwg ## ISMSwg
## KEYPROVwg ## KITTENwg ## KRBwg ## LTANSwg ## MSECwg ## NEAwg ## SASLwg ## SYSLOGwg ## Miscellaneous

Active Individual Drafts

EMU working group

clancy-emu-
aaapay-00
ID Exists
Feb 18, 2008
(9 p.)
[pdf(2)] [html] 		T. Clancy
EAP Method Support for Transporting AAA Payloads
This document defines bindings for existing EAP methods to transport Diameter AVPs, called "AAA payloads". The primary application is to support EAP channel bindings, but this could be used for other applications as well.
Up  List Intended Status:Standards Track
clancy-emu-
chbind-00
ID Exists
Feb 18, 2008
(10 p.)
[pdf(2)] [html] 		T. Clancy
K. Hoeper
Channel Binding Support for EAP Methods
This document defines how to implement channel bindings for Extensible Authentication Protocol (EAP) methods.
Up  List Intended Status:Standards Track
harkins-emu-
eap-pwd-01
ID Exists
Feb 25, 2008
(34 p.)
[pdf(2)] [html] 		D. Harkins
G. Zorn
EAP Authentication Using Only A Password
This memo describes an Extensible Authentication Protocol (EAP) method, EAP-pwd, which uses a shared password for authentication. The password may be a low-entropy one and may be drawn from some set of possible passwords, like a dictionary, which is available to an attacker.
Up  List Intended Status:Standards Track
salowey-emu-
eaptunnel-req-00
ID Exists
Feb 18, 2008
(8 p.)
[pdf(2)] [html] 		J. Salowey
Outline for Requirements for an EAP Tunnel Based Method
This memo provides an outline for the requirements for a Tunnel Extensible Authentication Protocol (EAP) Method. This method will use Transport Layer Security (TLS) to establish a tunnel. The tunnel will support password authentication, EAP authentication and the transport of additional data for other purposes.
Up  List Intended Status:Informational
  
Last update: May 10, 2008 
  
(to top) © 2005-2008 Joël Repiquet, All Rights Reserved.