Size of PAC in EAP-FAST

Jouni Malinen j
Mon Feb 19 21:53:48 PST 2007

On Tue, Feb 20, 2007 at 10:28:00AM +0530, ramprasad.rajendran at wrote:

> What is the maximum size of PAC that can be used for EAP-FAST.
> I read that the PAC-Key is 32 bytes and PAC-Opaque and PAC-Info are
> variable.

I don't think that there is any explicit limit on PAC length. Since the
length field for the PAC components and even for the full PAC TLV is
using 2 octets, the PAC could, in theory, be up to 64 KB. In other
words, authentication server could generate a very long PAC-Opaque, but
I would be quite surprised if this were to be increased much over 500
bytes due to PAC-Opaque being sent as part of the tunnel establishment.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list