{
  "draft": "draft-ietf-emu-eap-tls13-21",
  "doc_id": "RFC9190",
  "title": "EAP-TLS 1.3: Using the Extensible Authentication Protocol with TLS 1.3",
  "authors": [
    "J. Preu\u00df Mattsson",
    "M. Sethi"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "31",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "EAP Method Update",
  "abstract": "The Extensible Authentication Protocol (EAP), defined in RFC 3748, provides a standard mechanism for support of multiple authentication methods.  This document specifies the use of EAP-TLS with TLS 1.3 while remaining backwards compatible with existing implementations of EAP-TLS.  TLS 1.3 provides significantly improved security and privacy, and reduced latency when compared to earlier versions of TLS.  EAP-TLS with TLS 1.3 (EAP-TLS 1.3) further improves security and privacy by always providing forward secrecy, never disclosing the peer identity, and by mandating use of revocation checking when compared to EAP-TLS with earlier versions of TLS.  This document also provides guidance on authentication, authorization, and resumption for EAP-TLS in general (regardless of the underlying TLS version used).  This document updates RFC 5216.",
  "pub_date": "February 2022",
  "keywords": [],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [
    "RFC5216"
  ],
  "updated_by": [
    "RFC9965"
  ],
  "see_also": [],
  "doi": "10.17487/RFC9190",
  "errata_url": "https://www.rfc-editor.org/errata/rfc9190"
}