다음을 통해 공유


3.3.5.2 Phase 1 (TLS Tunnel Establishment)

When the EAP implementation negotiates PEAP as the method on the EAP server, PEAP phase 1 begins.

The first packet in a PEAP negotiation is referred to as a PEAP start packet. Version 0 implementations MUST set the L bit to 0, the M bit based on the description in the PEAP packet, the S bit to 1, and all of the reserved bits to 0. These flag fields are specified in the PEAP packet.

After the PEAP start packet is sent to the peer, the PEAP server expects a PEAP response from the peer that indicates the version of PEAP that the peer supports. At the EAP level (see section 2.1), these interactions are specified in [RFC3748] section 2.

The peer MUST then start to negotiate a TLS session.

When the TLS tunnel is established successfully, implementations SHOULD skip phase 2 if the session is a resumption of a previous session (as specified in [RFC2246] section F.1.4). This process is known as "fast reconnection".