
Extensible Authentication Protocol (EAP) Registry

(last updated 2008-11-26)

Registries included below:
- Packet Codes
- EAP Initiate and Finish Attributes
- Method Types 
- EAP-FAST TLV Types
- EAP-FAST Error-TLV Error-Codes 
- EAP-FAST Request-Action TLV Action Code
- Message Types
- Re-authentication Cryptosuites
- EAP-TTLS AVP Usage


Registry Name: Packet Codes 
Reference: [RFC3748]
Registration Procedure: Standards Action

Registry:
Value    Description               Reference
-------  ------------------------  ---------
1        Request                   [RFC3748]
2        Response                  [RFC3748]
3        Success                   [RFC3748]
4        Failure                   [RFC3748]
5        Initiate                  [RFC5296]
6        Finish                    [RFC5296]
7-255    Unassigned


Registry Name: EAP Initiate and Finish Attributes
Reference: [RFC5296]
Registration Procedures: IETF Consensus

Registry:
Type     Description                 Payload Type  Reference
-------  --------------------------  ------------  ---------
0        Reserved                                  [RFC5296]
1        keyName-NAI                 TLV           [RFC5296]
2        rRK Lifetime                TV            [RFC5296]
3        rMSK Lifetime               TV            [RFC5296]
4        Domain name                 TLV           [RFC5296]
5        Cryptosuite list            TLV           [RFC5296]
6        Authorization Indication    TLV           [RFC5296]
7-127    Unassigned
128      Called-Station-Id           TLV           [RFC5296]
129      Calling-Station-Id          TLV           [RFC5296]
130      NAS-Identifier              TLV           [RFC5296]
131      NAS-IP-Address              TLV           [RFC5296]
132      NAS-IPv6-Address            TLV           [RFC5296]
133-191  Unassigned
192-255  Reserved for Private Use                  [RFC5296]


Registry Name: Method Types 
Reference: [RFC3748]
Range            Registration Procedures                            Notes
---------------  -------------------------------------------------  --------------------   
1-191            Designated Expert with Specification Required 
192-253          Standards Action 
256-4294967295   Designated Expert with Specification Required      See note '*'.

* Allocated after 1-191, on the advice of a designated expert, with specification required. 
  (Expert-EAP Working Group Chair or person designated by EAP Chair)

Registry:
Value           Description                                     Reference
--------------  ----------------------------------------------  ---------
0               Reserved
1               Identity                                        [RFC3748]
2               Notification                                    [RFC3748]
3               Legacy Nak                                      [RFC3748]
4               MD5-Challenge                                   [RFC3748]
5               One-Time Password (OTP)                         [RFC3748]
6               Generic Token Card (GTC)                        [RFC3748]
7               Allocated                                       [RFC3748]
8               Allocated                                       [RFC3748]
9               RSA Public Key Authentication                   [Whelan]
10              DSS Unilateral	                                [Nace]
11              KEA                                             [Nace]
12              KEA-VALIDATE                                    [Nace]
13              EAP-TLS                                         [Aboba]
14              Defender Token (AXENT)                          [Rosselli]
15              RSA Security SecurID EAP                        [Nyström]
16              Arcot Systems EAP                               [Jerdonek]
17              EAP-Cisco Wireless                              [Norman] 
18              GSM Subscriber Identity Modules (EAP-SIM)       [RFC4186]  
19              SRP-SHA1                                        [Carlson]
20              Unassigned
21              EAP-TTLS                                        [RFC5281]
22              Remote Access Service                           [Fields]
23              EAP-AKA Authentication                          [RFC4187] 
24              EAP-3Com Wireless                               [Young] 
25              PEAP                                            [Palekar]
26              MS-EAP-Authentication                           [Palekar]
27              Mutual Authentication w/Key Exchange (MAKE)     [Berrendonner]
28              CRYPTOCard                                      [Webb]
29              EAP-MSCHAP-V2                                   [Potter]
30              DynamID                                         [Merlin]
31              Rob EAP                                         [Ullah]
32              Protected One-Time Password                     [RFC4793][Nystrom] 
33              MS-Authentication-TLV                           [Palekar] 
34              SentriNET                                       [Kelleher]
35              EAP-Actiontec Wireless                          [Chang]
36              Cogent Systems Biometrics Authentication EAP    [Xiong]
37              AirFortress EAP                                 [Hibbard]
38              EAP-HTTP Digest                                 [Tavakoli]
39              SecureSuite EAP                                 [Clements]
40              DeviceConnect EAP                               [Pitard]
41              EAP-SPEKE                                       [Zick]
42              EAP-MOBAC                                       [Rixom]
43              EAP-FAST                                        [RFC4851]
44              ZoneLabs EAP (ZLXEAP)                           [Bogue]
45              EAP-Link                                        [Zick]
46              EAP-PAX                                         [Clancy]
47              EAP-PSK                                         [RFC4764]
48              EAP-SAKE                                        [RFC4763]
49              EAP-IKEv2                                       [RFC5106]
50              EAP-AKA'                                        [RFC-arkko-eap-aka-kdf-10.txt]
51-191          Unassigned                                      [RFC3748] 
192-253         Unassigned                                      [RFC3748]
254             Reserved for the Expanded Type                  [RFC3748]
255             Experimental                                    [RFC3748]
256-4294967295  Unassigned 


Registry Name: EAP-FAST TLV Types (Value 43)
Reference: [RFC4851]
Registration Procedure: Specification Required

Registry:
Value   Description               		Reference
------  ------------------------------  ---------
0       Reserved                  		[RFC4851]
1       Reserved                  		[RFC4851]
2       Reserved                  		[RFC4851]
3       Result TLV                		[RFC4851]
4       NAK TLV                   		[RFC4851]
5       Error TLV                 		[RFC4851]
7       Vendor-Specific TLV       		[RFC4851]
9       EAP-Payload TLV           		[RFC4851]
10      Intermediate-Result TLV    		[RFC4851]
11      PAC TLV                 		[draft-cam-winget-eap-fast-provisioning]
12      Crypto-Binding TLV       		[RFC4851]
18      Server-Trusted-Root TLV 		[draft-cam-winget-eap-fast-provisioning]
19      Request-Action TLV      		[RFC4851]
20      PKCS#7 TLV               		[draft-cam-winget-eap-fast-provisioning]


Sub-registry: EAP-FAST (value 43) Error-TLV (value 5) Error-Codes
Reference: [RFC4851]
Registration Procedure: Specification Required

Registry:
Value       Description               		    Reference
----------  ----------------------------------  ---------
2001        Tunnel_Compromise_Error             [RFC4851]
2002        Unexpected_TLVs_Exchanged           [RFC4851]

Sub-registry: EAP-FAST (value 43) Request-Action TLV (value 19) Action Codes
Reference: [RFC4851]
Registration Procedure: Specification Required

Registry:
Value       Description                         Reference
----------  ----------------------------------  ---------
  1         Process-TLV                         [RFC4851]
  2         Negotiate-EAP                       [RFC4851]


Registry Name: Message Types
Reference: [RFC5296]
Registration Procedures: IETF Consensus

Registry:
Value    Description                                     Reference
-------  ----------------------------------------------  ---------
0        Reserved                                        [RFC5296]
1        Re-auth-Start, applies to Initiate Code only    [RFC5296]
2        Re-auth, applies to Initiate and Finish Codes   [RFC5296]
3-191    Unassigned
192-255  Reserved for Private Use                        [RFC5296]


Registry Name: Re-authentication Cryptosuites
Reference: [RFC5296]
Registration Procedures: IETF Consensus

Registry:
Value    Description                                     Reference
-------  ----------------------------------------------  ---------
0        Reserved                                        [RFC5296]
1        HMAC-SHA256-64                                  [RFC5296]
2        HMAC-SHA256-128                                 [RFC5296]
3        HMAC-SHA256-256                                 [RFC5296]
4-191    Unassigned
192-255  Reserved for Private Use                        [RFC5296]


Registry Name: EAP-TTLS AVP Usage
Reference: [RFC5281]
Registration Procedures: IETF Consensus

Note: The following table lists whether the AVP may appear in a
packet from server to client ("Request") and/or in a packet from
client to server ("Response"), and whether the AVP MUST be
implemented ("MI").

Registry:
Name               Request  Response  MI  Reference
-----------------  -------  --------  --  ---------
User-Name                   X             [RFC5281]
User-Password               X             [RFC5281]
CHAP-Password               X             [RFC5281]
Reply-Message      X                      [RFC5281]
CHAP-Challenge              X             [RFC5281]
EAP-Message        X        X         X   [RFC5281]
MS-CHAP-Response            X             [RFC5281]
MS-CHAP-Error      X                      [RFC5281]
MS-CHAP-NT-Enc-PW           X             [RFC5281]
MS-CHAP-Domain     X                      [RFC5281]
MS-CHAP-Challenge           X             [RFC5281]
MS-CHAP2-Response           X             [RFC5281]
MS-CHAP2-Success   X                      [RFC5281]
MS-CHAP2-CPW                X             [RFC5281]


References
----------
[RFC3748]  L. Blunk, J. Vollbrecht, B. Aboba, J. Carlson, H. Levkowetz, Ed.
           "Extensible Authentication Protocol (EAP)", RFC 3748, June 2004.

[RFC4186]  H. Haverinen, Ed. and J. Salowey, Ed., "Extensible Authentication 
           Protocol Method for GSM Subscriber Identity Modules (EAP-SIM)",  
           RFC 4186, January 2006.

[RFC4187]  J. Arkko and H. Haverinen, "Extensible Authentication Protocol 
           Method for UMTS Authentication and Key Agreement (EAP-AKA)", 
           RFC 4187, January 2006.

[RFC4763]  M. Vanderveen and H. Soliman, "Extensible Authentication Protocol 
           Method for Shared-secret Authentication and Key Establishment (EAP-SAKE)",
           RFC 4763, November 2006.

[RFC4764]  F. Bersani and H. Tschofenig, "The EAP-PSK Protocol: a Pre-Shared 
           Key EAP Method", RFC 4764, January 2007.

[RFC4793]  M. Nystrom, "The Protected One-Time Password Protocol (EAP-POTP)",
           RFC 4793, February 2007.
		
[RFC4851]  N. Cam-Winget, D. McGrew, J. Salowey and H. Zhou, "The Flexible 
           Authentication via Secure Tunneling Extensible Authentication Protocol 
           Method (EAP-FAST)", RFC 4851, May 2007.

[draft-cam-winget-eap-fast-provisioning]
           Cam-Winget, N., "Dynamic Provisioning using EAP-FAST",
           (work in progress), January 2007.

[RFC5106]  H. Tschofenig, D. Kroeselberg, A. Pashalidis, Y. Ohba, F. Bersani, 
           "EAP-IKEv2 Method", RFC 5106, January 2008.

[RFC5216]  D. Simon, B. Aboba, R. Hurst, "The EAP TLS Authentication Protocol",
           RFC 5216, March 2008.

[RFC5296]  V. Narayanan, L. Dondeti, "EAP Extensions for EAP Re-authentication 
           Protocol (ERP)", RFC 5296, August 2008.

[RFC5281]  P. Funk, S. Blake-Wilson, "EAP Tunneled TLS Authentication Protocol 
           Version 0 (EAP-TTLSv0)", RFC 5281, August 2008.

[RFC-arkko-eap-aka-kdf-10.txt]
           J. Arkko, V. Lehtovirta, P. Eronen, "Improved Extensible Authentication 
           Protocol Method for 3rd Generation Authentication and Key Agreement 
           (EAP-AKA')", RFC XXXX, Month Year. 

People
------
[Berrendonner]  Romain Berrendonner, <romain.berrendonner&sagem.com>, December 2001.

[Bogue] Darrin Bogue, <dbogue&zonelabs.com>, February 2004.

[Carlson] James Carlson, <james.d.carlson&east.sun.com>, January 1998,
          June 1999, February 2001.

[Chang] Victor Chang, <vchang&actiontec.com>, June 2002.

[Clancy] T. Charles Clancy, <clancy&cs.umd.edu>, June 2005.

[Clements] Matt Clements, <matt&iosoftware.com>, February 2003.

[Fields] Steven Fields, <sfields&identix.com>, November 2001.

[Haverinen] Henry Haverinen, <henry.haverinen&nokia.com>, November 2000,
            December 2001.

[Hibbard] Richard Hibbard, <rhibbard&fortresstech.com>, February 2003.

[Jerdonek] Rob Jerdonek, <rob&arcot.com>, May 2000.

[Josefsson] Simon Josefsson, <sjosefsson&rsasecurity.com>, March 2002.

[Kelleher] Joe Kelleher, <joe.kelleher&informer.co.uk>, April 2002.

[Merlin] Pascal Merlin, <pmerlin&scrypto.fr>, January 2002.

[Nace] William Nace, <wanace&missi.ncsc.mil>, December 1997

[Norman] Stuart Norman, <snorm&cisco.com>, November 2000.

[Nyström] Magnus Nyström, <magnus&rsasecurity.com>, 11 April 2006.

[Palekar] Ashwin Palekar, <ashwinp&microsoft.com>, December 2001, April 2002.

[Pitard] David Pitard, <david_pitard&phoenix.com>, February 2003.

[Potter] Darran Potter, <dpotter&cisco.com>, January 2002.

[Rixom] Tom Rixom, <tom.rixom&alfa-ariss.com>, May 2003.

[Rosselli] Michael Rosselli, <mrosselli&axent.com>, January 1998.

[Tavakoli] Oliver K. Tavakoli, <radagast&funk.com>, February 2003.

[Ullah] Sana Ullah, <palash78&globalctg.net>, February 2002.

[Webb] Stephen M. Webb, <stephenw&cryptocard.com>, January 2002.

[Whelan] William Whelan, <bwhelan&nei.com>, December 1997.

[Xiong] John Xiong, <johnxiong&cogentsystems.com>, June 2002.

[Young] Albert Young, <albert_young&3com.com>, December 2001.

[Zick] Don Zick, <dzick&interlinknetworks.com>, February 2003, April 2004.

(registry created 2004-04-09)

[]
