Well you are probably right, but when providers will start pushing 3G/4G
offload for real (if they ever do), there are not many ways of doing
it... I think :P The reason of those tests on our side is to support
WISPr and/or NewGen hotspots with our product.
That's a big "if", IMO.
EAP-SIM would in theory be quite nice for a number of reasons right now,
even without offload. It's a built-in, secure credential.
Yup indeed!
Unfortunately, as our off-list emails suggests, you can't get easy
access to SIM secrets in the general case (for obvious reasons). So
unless someone (i.e. the mobile phone providers) starts running a radius
server you can proxy *.3gppnetwork.org to, I can't see EAP-SIM being
part of the solution.
Well the way it should work is that RADIUS needs to proxy to a 3GPP
compliant AAA server or proxy to an ITP (MAP proxy) to speak to the HLR
using SS7 so the RAND comes from the HLR/AuC, and SRES/Kc is sent back
to the HLR to perform the authorization check :)
The only way to test it without having that kind of infra is to
pre-compute stuff to simulate the HLR calculations (offlist message).
Thanks!
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
