| RE: PANA and EAP keying framework | <– Date –> <– Thread –> |
From: Bernard Aboba (bernard_aboba hotmail.com)
|
|
| Date: Tue, 10 Jan 2006 13:05:05 -0800 (PST) | |
There are numerous places, but you can start with clause 5.9.2.1, which gives an expository overview of the process. IP traffic is not encapsulated with the 802.1X Ethertype, so is expressly blocked.
Right.
In any case, another way is to use multiple (virtual) APs, one operating in 'open' authentication running PANA and the other operating in 802.11i, and switching from the former AP to the latter after PANA authentication.
That is also forbidden in IEEE 802.11i, which includes the authorizations as part of the PMKSA context. Therefore it is not permitted to use authorizations provided for one virtual AP with another virtual AP.
- Re: PANA and EAP keying framework, (continued)
- Re: PANA and EAP keying framework Jari Arkko, January 10 2006
-
RE: PANA and EAP keying framework Walker, Jesse, January 10 2006
- Re: PANA and EAP keying framework Yoshihiro Ohba, January 10 2006
-
RE: PANA and EAP keying framework Walker, Jesse, January 10 2006
- RE: PANA and EAP keying framework Bernard Aboba, January 10 2006
- Re: PANA and EAP keying framework Yoshihiro Ohba, January 10 2006
- Re: PANA and EAP keying framework Yoshihiro Ohba, January 10 2006
- Re: PANA and EAP keying framework Rafa Marin Lopez, January 10 2006
- RE: PANA and EAP keying framework Walker, Jesse, January 10 2006
Results generated by Tiger Technologies using MHonArc.