9. 参考文献 (References)
9.1. 规范性参考文献 (Normative References)
-
[RFC2119] Bradner, S., "用于在 RFC 中指示需求级别的关键词", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, https://www.rfc-editor.org/info/rfc2119.
-
[RFC2985] Nystrom, M. and B. Kaliski, "PKCS #9: Selected Object Classes and Attribute Types Version 2.0", RFC 2985, DOI 10.17487/RFC2985, November 2000, https://www.rfc-editor.org/info/rfc2985.
-
[RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification Request Syntax Specification Version 1.7", RFC 2986, DOI 10.17487/RFC2986, November 2000, https://www.rfc-editor.org/info/rfc2986.
-
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, Ed., "可扩展认证协议 (Extensible Authentication Protocol, EAP)", RFC 3748, DOI 10.17487/RFC3748, June 2004, https://www.rfc-editor.org/info/rfc3748.
-
[RFC5077] Salowey, J., Zhou, H., Eronen, P., and H. Tschofenig, "无服务器端状态的传输层安全性 (TLS) 会话恢复", RFC 5077, DOI 10.17487/RFC5077, January 2008, https://www.rfc-editor.org/info/rfc5077.
-
[RFC5216] Simon, D., Aboba, B., and R. Hurst, "EAP-TLS 认证协议", RFC 5216, DOI 10.17487/RFC5216, March 2008, https://www.rfc-editor.org/info/rfc5216.
-
[RFC5246] Dierks, T. and E. Rescorla, "传输层安全性 (TLS) 协议版本 1.2", RFC 5246, DOI 10.17487/RFC5246, August 2008, https://www.rfc-editor.org/info/rfc5246.
-
[RFC5295] Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri, "从扩展主会话密钥 (EMSK) 派生根密钥的规范", RFC 5295, DOI 10.17487/RFC5295, August 2008, https://www.rfc-editor.org/info/rfc5295.
-
[RFC5705] Rescorla, E., "用于传输层安全性 (TLS) 的密钥材料导出器", RFC 5705, DOI 10.17487/RFC5705, March 2010, https://www.rfc-editor.org/info/rfc5705.
-
[RFC5746] Rescorla, E., Ray, M., Dispensa, S., and N. Oskov, "传输层安全性 (TLS) 重新协商指示扩展", RFC 5746, DOI 10.17487/RFC5746, February 2010, https://www.rfc-editor.org/info/rfc5746.
-
[RFC5929] Altman, J., Williams, N., and L. Zhu, "TLS 信道绑定", RFC 5929, DOI 10.17487/RFC5929, July 2010, https://www.rfc-editor.org/info/rfc5929.
-
[RFC6677] Hartman, S., Ed., Clancy, T., and K. Hoeper, "对可扩展认证协议 (EAP) 方法的信道绑定支持", RFC 6677, DOI 10.17487/RFC6677, July 2012, https://www.rfc-editor.org/info/rfc6677.
-
[RFC7030] Pritikin, M., Ed., Yee, P., Ed., and D. Harkins, Ed., "基于安全传输的注册 (Enrollment over Secure Transport)", RFC 7030, DOI 10.17487/RFC7030, October 2013, https://www.rfc-editor.org/info/rfc7030.
-
[RFC8174] Leiba, B., "RFC 2119 关键词中大写与小写的歧义", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, https://www.rfc-editor.org/info/rfc8174.
-
[RFC8446] Rescorla, E., "传输层安全性 (TLS) 协议版本 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, https://www.rfc-editor.org/info/rfc8446.
-
[RFC8996] Moriarty, K. and S. Farrell, "废弃 TLS 1.0 和 TLS 1.1", BCP 195, RFC 8996, DOI 10.17487/RFC8996, March 2021, https://www.rfc-editor.org/info/rfc8996.
-
[RFC9190] Preuß Mattsson, J. and M. Sethi, "EAP-TLS 1.3: 将可扩展认证协议与 TLS 1.3 一起使用", RFC 9190, DOI 10.17487/RFC9190, February 2022, https://www.rfc-editor.org/info/rfc9190.
-
[RFC9427] DeKok, A., "与 TLS 1.3 一起使用的基于 TLS 的可扩展认证协议 (EAP) 类型", RFC 9427, DOI 10.17487/RFC9427, June 2023, https://www.rfc-editor.org/info/rfc9427.
-
[RFC9525] Saint-Andre, P. and R. Salz, "TLS 中的服务身份", RFC 9525, DOI 10.17487/RFC9525, November 2023, https://www.rfc-editor.org/info/rfc9525.
-
[RFC9908] Richardson, M., Ed., Friel, O., von Oheimb, D., and D. Harkins, "对 RFC 7030 中 CSR Attributes 定义的澄清和增强", RFC 9908, DOI 10.17487/RFC9908, January 2026, https://www.rfc-editor.org/info/rfc9908.
9.2. 资料性参考文献 (Informative References)
-
[BCP26] Best Current Practice 26, https://www.rfc-editor.org/info/bcp26. 写作本文时, 该 BCP 包含以下文档: Cotton, M., Leiba, B., and T. Narten, "RFC 中 IANA Considerations 章节编写指南", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, https://www.rfc-editor.org/info/rfc8126.
-
[BCP86] Best Current Practice 86, https://www.rfc-editor.org/info/bcp86. 写作本文时, 该 BCP 包含以下文档: Orman, H. and P. Hoffman, "确定用于交换对称密钥的公钥强度", BCP 86, RFC 3766, DOI 10.17487/RFC3766, April 2004, https://www.rfc-editor.org/info/rfc3766.
-
[IEEE.802-1X.2020] IEEE, "IEEE Standard for Local and Metropolitan Area Networks--Port-Based Network Access Control", IEEE Std 802.1X-2020, DOI 10.1109/IEEESTD.2020.9018454, February 2020, https://doi.org/10.1109/IEEESTD.2020.9018454.
-
[KAMATH] Kamath, V. and A. Palekar, "Microsoft EAP CHAP Extensions", Work in Progress, Internet-Draft, draft-kamath-pppext-eap-mschapv2-02, 19 June 2007, https://datatracker.ietf.org/doc/html/draft-kamath-pppext-eap-mschapv2-02.
-
[MSCHAP] Microsoft Corporation, "Master Session Key (MSK) Derivation", 23 April 2024, https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-chap/5a860bf5-2aeb-485b-82ee-fac1e8e6b76f.
-
[NIST-SP-800-57] Barker, E., "密钥管理建议: 第 1 部分 - 通用", NIST SP 800-57 Part 1 Rev. 5, DOI 10.6028/NIST.SP.800-57pt1r5, May 2020, https://doi.org/10.6028/NIST.SP.800-57pt1r5.
-
[PEAP] Microsoft Corporation, "[MS-PEAP]: 受保护可扩展认证协议 (Protected Extensible Authentication Protocol, PEAP)", 24 June 2021, https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-peap/5308642b-90c9-4cc4-beec-fb367325c0f9.
-
[RFC2315] Kaliski, B., "PKCS #7: Cryptographic Message Syntax Version 1.5", RFC 2315, DOI 10.17487/RFC2315, March 1998, https://www.rfc-editor.org/info/rfc2315.
-
[RFC3579] Aboba, B. and P. Calhoun, "RADIUS (Remote Authentication Dial In User Service) 对可扩展认证协议 (EAP) 的支持", RFC 3579, DOI 10.17487/RFC3579, September 2003, https://www.rfc-editor.org/info/rfc3579.
-
[RFC3629] Yergeau, F., "UTF-8, ISO 10646 的一种转换格式", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 2003, https://www.rfc-editor.org/info/rfc3629.
-
[RFC4017] Stanley, D., Walker, J., and B. Aboba, "无线 LAN 的可扩展认证协议 (EAP) 方法需求", RFC 4017, DOI 10.17487/RFC4017, March 2005, https://www.rfc-editor.org/info/rfc4017.
-
[RFC4072] Eronen, P., Ed., Hiller, T., and G. Zorn, "Diameter 可扩展认证协议 (EAP) 应用程序", RFC 4072, DOI 10.17487/RFC4072, August 2005, https://www.rfc-editor.org/info/rfc4072.
-
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, "安全性的随机性需求", BCP 106, RFC 4086, DOI 10.17487/RFC4086, June 2005, https://www.rfc-editor.org/info/rfc4086.
-
[RFC4334] Housley, R. and T. Moore, "支持点对点协议 (PPP) 和无线局域网 (WLAN) 中认证的证书扩展和属性", RFC 4334, DOI 10.17487/RFC4334, February 2006, https://www.rfc-editor.org/info/rfc4334.
-
[RFC4648] Josefsson, S., "Base16, Base32 和 Base64 数据编码", RFC 4648, DOI 10.17487/RFC4648, October 2006, https://www.rfc-editor.org/info/rfc4648.
-
[RFC4851] Cam-Winget, N., McGrew, D., Salowey, J., and H. Zhou, "经安全隧道的灵活认证可扩展认证协议方法 (EAP-FAST)", RFC 4851, DOI 10.17487/RFC4851, May 2007, https://www.rfc-editor.org/info/rfc4851.
-
[RFC4945] Korver, B., "IKEv1/ISAKMP, IKEv2 和 PKIX 的互联网 IP Security PKI Profile", RFC 4945, DOI 10.17487/RFC4945, August 2007, https://www.rfc-editor.org/info/rfc4945.
-
[RFC4949] Shirey, R., "互联网安全术语表, 第 2 版", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, https://www.rfc-editor.org/info/rfc4949.
-
[RFC4962] Housley, R. and B. Aboba, "认证, 授权和计费 (AAA) 密钥管理指南", BCP 132, RFC 4962, DOI 10.17487/RFC4962, July 2007, https://www.rfc-editor.org/info/rfc4962.
-
[RFC5247] Aboba, B., Simon, D., and P. Eronen, "可扩展认证协议 (EAP) 密钥管理框架", RFC 5247, DOI 10.17487/RFC5247, August 2008, https://www.rfc-editor.org/info/rfc5247.
-
[RFC5272] Schaad, J. and M. Myers, "Certificate Management over CMS (CMC)", RFC 5272, DOI 10.17487/RFC5272, June 2008, https://www.rfc-editor.org/info/rfc5272.
-
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "互联网 X.509 公钥基础设施证书和证书吊销列表 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, https://www.rfc-editor.org/info/rfc5280.
-
[RFC5281] Funk, P. and S. Blake-Wilson, "可扩展认证协议隧道传输层安全性认证协议版本 0 (EAP-TTLSv0)", RFC 5281, DOI 10.17487/RFC5281, August 2008, https://www.rfc-editor.org/info/rfc5281.
-
[RFC5421] Cam-Winget, N. and H. Zhou, "EAP-FAST 内的基本密码交换", RFC 5421, DOI 10.17487/RFC5421, March 2009, https://www.rfc-editor.org/info/rfc5421.
-
[RFC5422] Cam-Winget, N., McGrew, D., Salowey, J., and H. Zhou, "使用 EAP-FAST 的动态预配", RFC 5422, DOI 10.17487/RFC5422, March 2009, https://www.rfc-editor.org/info/rfc5422.
-
[RFC5652] Housley, R., "密码消息语法 (Cryptographic Message Syntax, CMS)", STD 70, RFC 5652, DOI 10.17487/RFC5652, September 2009, https://www.rfc-editor.org/info/rfc5652.
-
[RFC5931] Harkins, D. and G. Zorn, "仅使用密码的可扩展认证协议 (EAP) 认证", RFC 5931, DOI 10.17487/RFC5931, August 2010, https://www.rfc-editor.org/info/rfc5931.
-
[RFC6066] Eastlake 3rd, D., "传输层安全性 (TLS) 扩展: 扩展定义", RFC 6066, DOI 10.17487/RFC6066, January 2011, https://www.rfc-editor.org/info/rfc6066.
-
[RFC6124] Sheffer, Y., Zorn, G., Tschofenig, H., and S. Fluhrer, "基于加密密钥交换 (EKE) 协议的 EAP 认证方法", RFC 6124, DOI 10.17487/RFC6124, February 2011, https://www.rfc-editor.org/info/rfc6124.
-
[RFC6238] M'Raihi, D., Machani, S., Pei, M., and J. Rydell, "TOTP: 基于时间的一次性密码算法", RFC 6238, DOI 10.17487/RFC6238, May 2011, https://www.rfc-editor.org/info/rfc6238.
-
[RFC6678] Hoeper, K., Hanna, S., Zhou, H., and J. Salowey, Ed., "基于隧道的可扩展认证协议 (EAP) 方法需求", RFC 6678, DOI 10.17487/RFC6678, July 2012, https://www.rfc-editor.org/info/rfc6678.
-
[RFC6960] Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., and C. Adams, "X.509 互联网公钥基础设施在线证书状态协议 - OCSP", RFC 6960, DOI 10.17487/RFC6960, June 2013, https://www.rfc-editor.org/info/rfc6960.
-
[RFC6961] Pettersen, Y., "传输层安全性 (TLS) 多证书状态请求扩展", RFC 6961, DOI 10.17487/RFC6961, June 2013, https://www.rfc-editor.org/info/rfc6961.
-
[RFC7029] Hartman, S., Wasserman, M., and D. Zhang, "可扩展认证协议 (EAP) 相互密码学绑定", RFC 7029, DOI 10.17487/RFC7029, October 2013, https://www.rfc-editor.org/info/rfc7029.
-
[RFC7170] Zhou, H., Cam-Winget, N., Salowey, J., and S. Hanna, "隧道可扩展认证协议 (TEAP) 版本 1", RFC 7170, DOI 10.17487/RFC7170, May 2014, https://www.rfc-editor.org/info/rfc7170.
-
[RFC7299] Housley, R., "PKIX 工作组的对象标识符注册表", RFC 7299, DOI 10.17487/RFC7299, July 2014, https://www.rfc-editor.org/info/rfc7299.
-
[RFC7542] DeKok, A., "网络访问标识符", RFC 7542, DOI 10.17487/RFC7542, May 2015, https://www.rfc-editor.org/info/rfc7542.
-
[RFC8146] Harkins, D., "为 EAP-pwd 添加对带盐密码数据库的支持", RFC 8146, DOI 10.17487/RFC8146, April 2017, https://www.rfc-editor.org/info/rfc8146.
-
[RFC9325] Sheffer, Y., Saint-Andre, P., and T. Fossati, "安全使用传输层安全性 (TLS) 和数据报传输层安全性 (DTLS) 的建议", BCP 195, RFC 9325, DOI 10.17487/RFC9325, November 2022, https://www.rfc-editor.org/info/rfc9325.
-
[X.690] ITU-T, "信息技术 - ASN.1 编码规则: 基本编码规则 (BER), 规范编码规则 (CER) 和可分辨编码规则 (DER) 规范", February 2021, https://www.itu.int/rec/T-REC-X.690.