Size of PAC in EAP-FAST

Jouni Malinen j at w1.fi
Tue Feb 20 00:53:48 EST 2007


On Tue, Feb 20, 2007 at 10:28:00AM +0530, ramprasad.rajendran at wipro.com wrote:

> What is the maximum size of PAC that can be used for EAP-FAST.
> I read that the PAC-Key is 32 bytes and PAC-Opaque and PAC-Info are
> variable.

I don't think that there is any explicit limit on PAC length. Since the
length field for the PAC components and even for the full PAC TLV is
using 2 octets, the PAC could, in theory, be up to 64 KB. In other
words, authentication server could generate a very long PAC-Opaque, but
I would be quite surprised if this were to be increased much over 500
bytes due to PAC-Opaque being sent as part of the tunnel establishment.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list