Excellent post! BTW, you'll still need smart card ID deployment. Alan --- Jacques Caron <[EMAIL PROTECTED]> wrote: > Hi, > > 802.1x is pure software, and unless the hardware in > the box is very very very very dumb, or there are > flash space issues, any AP should be upgradable to > support 802.1x. It's just a matter of adding a few > state machines, a RADIUS client, making sure per- > station keys are supported, a tiny bit of crypto > (for RADIUS and the EAPOL-Key packets), and the > associated configuration variables (RADIUS server, > secret, etc.). > > That's actually the whole reasoning behind the new > WPA thing: it should bring more security without > needing new hardware, as opposed to "better" > security enhancements like AES that require quite a > bit more horsepower. > > Now, of course, that doesn't necessarily mean that > all vendors will provide new firmware to support > 802.1x or WPA... They'll probably try to sell new > hardware, especially for the lower cost ones. > > Jacques.
-- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/
