| Re: PKMv2 EAP Authenctication | <– Date –> <– Thread –> |
From: Bernard Aboba (bernard_aboba hotmail.com)
|
|
| Date: Fri, 9 Mar 2007 06:39:15 -0800 (PST) | |
We need to implement a pass through authenticator. RFC 4137 explains the state machine implementation of RFC 3748. So while designing Gateway/EAP_Authenticator, Whether we have to stick to IEE 802.1X state machines with some changes or RFC 4137 state machine (decision = PASSTHROUGH).
I can't answer your question because the IEEE 802.16e specification does not indicate how 16e interfaces with the EAP state machine described in RFC 4137.
When we did the IEEE 802.16e security review, we noted the lack of a state machine, and flagged this as a security concern. We were told that future updates to 16e would provide this information.
I have doubts whether the IEEE 802.1X state machine is applicable, because 16e begins the interaction with EAP before dataframes can be sent. If you are looking for a place to start, the PPP state machine might be closer, since in both 16e and PPP, EAP authentication occurs prior to "Link Up", not after, as it does with IEEE 802.1X.
- Re: PKMv2 EAP Authenctication, (continued)
-
Re: PKMv2 EAP Authenctication Bernard Aboba, March 7 2007
-
Re: PKMv2 EAP Authenctication Rengith Thomas, March 7 2007
- Re: PKMv2 EAP Authenctication Bernard Aboba, March 7 2007
- Re: PKMv2 EAP Authenctication Rengith Thomas, March 8 2007
- Re: PKMv2 EAP Authenctication Bernard Aboba, March 9 2007
-
Re: PKMv2 EAP Authenctication Rengith Thomas, March 7 2007
- Re: PKMv2 EAP Authenctication Rengith Thomas, March 13 2007
-
Re: PKMv2 EAP Authenctication Bernard Aboba, March 7 2007
Results generated by Tiger Technologies using MHonArc.