Share via


EAP-TLS Support (Windows Embedded CE 6.0)

1/6/2010

EAP-Transport Level Security (EAP-TLS) is an EAP type that is used for smart card or certificate-based authentication. The EAP-TLS exchange of messages provides mutual authentication, integrity-protected cipher suite negotiation, and private key exchange and determination between the access client and the authenticating server.

The following list shows the reasons that EAP-TLS using registry-based client certificates provides the strongest authentication for wireless connectivity:

  • EAP-TLS does not require any dependencies on the user account's password.
  • EAP-TLS authentication occurs automatically, usually with no intervention by the user.
  • EAP-TLS uses certificates, and this is a relatively strong authentication scheme.
  • The EAP-TLS exchange is protected with public key cryptography and is not susceptible to offline dictionary attacks.
  • The EAP-TLS authentication process results in mutually determined keying material for data encryption and signing.

For more information about EAP-TLS, see Transport Level Security (TLS).

See Also

Concepts

EAP Support

Other Resources

Smart Card
Certificate Authentication
Certificates
Certificates OS Design Development