> Hi Casper,
>
> Casper.Dik at Sun.COM wrote:
> > ...
> > So I am wondering what is needed in (Open)Solaris
> to support
> > the remainder of these?
> >
> > Is it:
> > - support in each and every wireless driver?
> > - support in a common kernel module?
> >
> With the putback of the project "PSARC 2006/046
> Wireless WPA
> Supplicant", the framework of WPA
> has been integrated into Solaris build 64, it
> included: a new service
> "network/wpa" is introduced, the
> libdladm/dladm, gldv3/mac-wifi plugin, net80211
> kernel module, ath
> driver, and nwam have been enhanced
> to support the WPA/WPA2.
>
> At present, we have 5 drivers supporting WPA/WPA2:
> ath, iwi, wpi, ral,
> iwk, and if a new driver want to support
> WPA in future, it's very easy, just additional 2
> lines codes will be okay.
Is all this integrated in SOLARIS10U4 or is there a patch to add it, and, if
yes does this patch need a maintenance subscription ?
(With this we may hope to get ttls when it becomes available. It is less true
with the original supplicant, if I understand well)
Marc
Thanks
> >
> > - some additional porting required for
> wpa_supplicant?
> >
> Yes, to support WPA-Enterprise, we need to implement
> the full IEEE802.1X
> protocol to the wpa daemon, plus those
> EAP methods, such as EAP-TLS, EAP-TTLS, ... etc. We
> need to enhance the
> libdladm/dladm to support the
> WPA-Enterprise configuration, nwam too. Since there
> are some sensitive
> informations in WPA-Enterprise, like certificates,
> usernames/passwords, etc, KMF is a must to do this.
>
> Wifi drivers and gldv3/net80211 kernel modules
> needn't to be changed
> when we go to the WPA-Enterprise..
>
> Thanks,
>
> --
> Quaker
> > or a combination of the three?
> >
>
> > Features
> > --------
> >
> > Supported WPA/IEEE 802.11i features:
> > - WPA-PSK ("WPA-Personal")
> > - WPA with EAP (e.g., with RADIUS authentication
> server) ("WPA-Enterprise")
> > Following authentication methods are supported
> with an integrate IEEE 802.1X
> > Supplicant:
> > * EAP-TLS
> > * EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
> > * EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
> > * EAP-PEAP/GTC (both PEAPv0 and PEAPv1)
> > * EAP-PEAP/OTP (both PEAPv0 and PEAPv1)
> > * EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)
> > * EAP-TTLS/EAP-MD5-Challenge
> > * EAP-TTLS/EAP-GTC
> > * EAP-TTLS/EAP-OTP
> > * EAP-TTLS/EAP-MSCHAPv2
> > * EAP-TTLS/EAP-TLS
> > * EAP-TTLS/MSCHAPv2
> > * EAP-TTLS/MSCHAP
> > * EAP-TTLS/PAP
> > * EAP-TTLS/CHAP
> > * EAP-SIM
> > * LEAP (note: only with WEP keys, i.e., not for
> WPA; in addition, LEAP
> > requires special support from the driver
> for IEEE 802.11
> > authentication)
> > (following methods are supported, but since they
> do not generate keying
> > material, they cannot be used with WPA or IEEE
> 802.1X WEP keying)
> > * EAP-MD5-Challenge
> > * EAP-MSCHAPv2
> > * EAP-GTC
> > * EAP-OTP
> > Alternatively, an external program, e.g.,
> Xsupplicant, can be used for EAP
> > authentication.
> > - key management for CCMP, TKIP, WEP104, WEP40
> > - RSN/WPA2 (IEEE 802.11i)
> > * pre-authentication
> > * PMKSA caching
> >
> >
> >
> > Casper
> > _______________________________________________
> > laptop-discuss mailing list
> > laptop-discuss at opensolaris.org
> >
>
> _______________________________________________
> laptop-discuss mailing list
> laptop-discuss at opensolaris.org
This message posted from opensolaris.org
