Microsoft Knowledge Base Article 325725 contains the following summary:
RFC 2284 defines the Extensible Authentication Protocol
which provides support for multiple authentication methods.
was originally created for use with Point-to-Point Protocol (PPP),
it has been
adopted for use with IEEE 802.1x Network Port Authentication.
Since EAP's deployment, a number of weaknesses in EAP have become noticeable. These include the following:
|•||Lack of protection of the user identity or the EAP negotiation.|
|•||No standardized mechanism for key exchange.|
|•||No built-in support for fragmentation and reassembly.|
|•||Lack of support for fast reconnect.|
Protected EAP (PEAP) addresses these deficiencies by wrapping the EAP protocol in Transport Layer Security (TLS). Any EAP method running in PEAP is provided with built-in support for key exchange, session resumption, and fragmentation and reassembly.