Why do we need a type for smartcard ? Why not?. Existing types relative to tokens or smartcards (according to www.IANA.org) 6 Generic Token Card (RFC3748) , 14 Defender Token, 15 RSA Security SecurID EAP, 18 Nokia IP smart card authentication, 28 CRYPTOCard, 30 DynamID, 32 SecurID EAP, … Prerequisite Method may be implemented by other means than smartcards. True for all methods Method is clearly defined and standardized. Examples: EAP-TLS, EAP-SIM, EAP-AKA Smartcard interface, associated with a particular method is clearly defined and standardized. Example: draft-urien-eap-smartcard-08.txt Integration of EAP methods in smartcards reduce Trojan Horse threats EAP-TLS: trusted certificate chain EAP-SIM; cancel the risk of authentication-triplet theft EAP-AKA: embedded identity management Benefits Standardization of smartcards use with EAP platform. Avoid conflicts when the host supports multiple instances of a given type (EAP-TLS, …). Smartcard may be removed from the supplicant host, it’s clearly linked to terminal user. Proposed mechanism EAP in EAP encapsulation |