PEAP label in PRF

Chitrang Srivastava chitrang.srivastava at gmail.com
Wed Sep 14 08:04:27 CEST 2016


Hi,


This is regarding seed label which is used in PRF(Pseudo random function)
to derive session keys.

     PEAPv0: https://tools.ietf.org/html/draft-kamath-pppext-peapv0-00 - I
don't see any mention of label but look like it uses *client EAP encryption
? *Any official draft or RFC mentioned PEAPv0 uses this label ?
     PEAPv1:
https://tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-05  *client
PEAP encryption*
     PEAPv2:
https://tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-10  *client
EAP  encryption*


So on the *client *side the code should be something like

if(PEAP_version ==1)
   label is
*client PEAP encryption*
otherwise   // For version 0 and 2
  label is *client PEAP encryption*

This look OK? Why PEAPv2 uses old label ?


More information about the Freeradius-Users mailing list