EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor-specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each ...

EAP（Extensible Authentication Protocol），可扩展认证协议，是一种普遍使用的支持多种认证方法的认证框架协议，主要用于网络接入认证。该协议一般运行在数据链路层上，即可以直接运行于PPP或者IEEE 802之上，不必依赖于IP。EAP可应用于无线、有线网络中。

EAP-FAST（基于安全隧道的灵活认证，Flexible Authentication via Secure Tunneling）是一个由思科提出的协议方案，用于替代 轻量级 EAP（LEAP） （ 英语 ： Lightweight Extensible Authentication Protocol ） 。设计该协议是为了解决 LEAP 实现“轻量级”时的缺点。

本文档描述了一种适用于一次性密码（OTP）令牌的通用可扩展身份验证协议（EAP）方法，并为具有直接电子接口的令牌及其相关客户端提供了特殊优势。 该方法可用于在利用EAP的协议（例如PPP、IEEE 802.1X和Internet密钥交换协议版本2（IKEv2））中提供单边或相互认证以及密钥材料。 1. Introduction ....................................................4. 1.1. Scope ......................................................4. 1.2.

OTP TLV In an EAP-Request, the OTP TLV is used to request an OTP (or a value derived from an OTP) from the peer. In an EAP-Response, the OTP TLV carries an OTP or a value derived from an OTP. This TLV type MUST be supported by all peers and all EAP servers conforming to this specification and MUST NOT be responded to with a NAK TLV.

The Response MUST be of Type 5 (OTP), Nak (Type 3), or Expanded Nak (Type 254). The Nak Response indicates the peer's desired authentication Type(s). The EAP OTP method is intended for use with the One-Time Password system only, and MUST NOT be used to provide support for cleartext passwords.

eap-otp：eap-otp是一种基于一次性密码的eap身份验证方法，主要用于有线和无线网络的用户身份验证。 它使用一次性密码（OTP），每个密码只使用一次然后就失效，这种机制提供了很高的安全性，因为窃听者无法使用捕获的一次性密码进行重放攻击。

This document describes a general Extensible Authentication Protocol (EAP) method suitable for use with One-Time Password (OTP) tokens, and offers particular advantages for tokens with direct electronic interfaces to their associated clients.

This section documents the threats that exist on physically insecure networks carrying EAP, as well as laying out the consequences of the use of the OTP and Generic Token Card methods on those networks.

2007年2月1日 · This document describes a general Extensible Authentication Protocol (EAP) method suitable for use with One-Time Password (OTP) tokens, and offers particular advantages for tokens with direct electronic interfaces to their associated clients.