what is difference bw LEAP and PEAP?

ychx

what is difference bw LEAP and PEAP? It seem both authenticate server side using non-certificagte method. Any difference bw them?

JDMurray

PEAP (Protected EAP) is a form of EAP developed by RSA, Microsoft, and Cisco. PEAP uses server-side PKI to build an encrypted EAP-TLS tunnel between the client and server prior to the client transmitting its authentication credentials (username, password, certs, etc.). PEAP is used to overcome some of the scalability problems associated with TLS.

Cisco’s LEAP is an older EAP that uses TKIP and dynamic WEP keys rather than PKI and TLS for authentication confidentiality. PEAP has largely replaced LEAP.

Here's a detailed description of both EAPs:
http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b469f.shtml