On Thu, 9 Jun 2005, Cian Cullinan wrote:
> I was under the impression that WPA used 802.1x for authentication.
> That's about all I know though, is there a more full blown solution
> using it?
WPA is a sort of stop-gap, a cut-down 'draft' version of the basic
authentication messages of 802.1x - AIUI. (The actual authentication
crypto stuff being defined elsewhere, IIRC, TKIP?? or somesuch.).
802.1x proper goes further and defines various roles and how they can
interact. Including ways to have entities controlling ports 'switch
off' a port until authentication succeeds, and ways to allow the
actual authentication process to be proxied and centralised (via
encapsulated EAP messages).
A version of 802.1x standard is available on the IEEE site somewhere
and has a reasonably useful overview of the intended capabilities.
http://standards.ieee.org/getieee802/download/802.1X-2001.pdf
regards,
--
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
Fortune:
Does the name Pavlov ring a bell?
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
