Hi Laurent,
Many thanks for your reply (and thanks to others as well).
[snipped older stuff]From: Laurent Butti <[EMAIL PROTECTED]> Subject: Re: WPA w/ EAP-TLS against 0.8.1 Date: Fri, 03 Oct 2003 13:40:42 +0200
You have access to the "standard" for 25$ at wi-fi.org. It is not really
"technical", perhaps you should take a look at IEEE 802.11 i Draft 3.0, as WPA is
a subset from.
I will look at the IEEE doc if poss. Have already read the $25 one, but it was $25 I could better have spent on doughnuts...
WPA includes EAP support.
Currently, FreeRADIUS runs very well with WPA access points, the only requirement
is the PMK (Pairwise Master Key) transmission from the AAA to the Authenticator
which is performed with a "keying" method such as TTLS or of course TLS. This is
transmitted via an Accept response.
Aha! I've never heard of the PMK. How do we know we are transmitting it? Is there a FreeRADIUS setting or something to add?
> So, if dynamic WEP is incompatible with WPA, is that the fault of (and > should the fix happen on) the EAP method, the AP, the supplicant or > FreeRADIUS?
WPA should be backward compatible with "dynamic-WEP", i.e. 802.1X-2001. You can
have both WPA (w/ authenticated key management, and TKIP) and legacy 802.1X
clients (w/ WEP-rekeying) on a same WPA access point.
Okay, that's interesting too...
Thanks for the response and the information.
Best wishes,
Ian
_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
