Protocolo del
tipo EAP desarrollado conjuntamente por Microsoft, RSA Security y Cisco para la
transmisión datos autenticados, incluso claves, sobre redes inalámbricas
802.11. Autentica clientes de red wi-fi empleando sólo certificados del lado
servidor creando una túnel SSL/TLS entre el cliente y el servidor de
autenticación. El túnel luego protege el resto de intercambios de autenticación
de usuario.
a method to securely transmit
authentication information, including passwords, over wired or wireless
networks. It was jointly developed by Cisco Systems, Microsoft, and RSA
Security. Note that PEAP is not an encryption protocol; as with other EAP types
it only authenticates a client into a network.
PEAP uses only server-side
public key certificates to authenticate clients by creating an encrypted
SSL/TLS tunnel between the client and the authentication server. The ensuing
exchange of authentication information is then encrypted and user credentials are
safe from eavesdropping.
PEAP is a joint proposal by
Cisco Systems, Microsoft and RSA Security as an open standard. It is already
widely available in products, and provides very good security. It is similar in
design to EAP-TTLS, requiring only a server-side PKI certificate to create a
secure TLS tunnel to protect user authentication.
http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol