jkmaline at cc.hut.fi
Mon May 31 23:47:21 EDT 2004
On Mon, May 31, 2004 at 07:57:43AM +0200, Bastos Fernandez Alexandre wrote:
> I am a newbie to the world of MAC security, and my interest is on
> implementing authentication, key management and cryptography in a wired
> 802.3 Ethernet.
> I have found that HostAP is the most popular implementation of the
> Authenticator, but I have read that it is only for wireless (802.11)
> networks. Is that true? Is there any plan to implement HostAP for wired
> networks? Which are the points involved on such a implementations which
> avoids using HostAP on 802.3? Does anyone know another open-source
> Authenticator for wired LAN?
Yes, it is true that the IEEE 802.1X Authenticator in hostapd is
currently quite tightly integrated with IEEE 802.11 functionality and
cannot be used on wired networks. I would prefer to make it much more
modular in the same way as IEEE 802.1X Supplicant is in wpa_supplicant.
This would make it easier to use the Authenticator functionality with
both other wireless drivers and wired networks. However, I do not know
when I will be able to get enough time to do this.
Open1x project (http://www.open1x.org/) has another open source IEEE
802.1X Authenticator implementation which, I believe, was originally
used on wired networks, so it might be another option for you. However,
it looks like Open1x has been concentrating mostly on the Supplicant
part and the Authenticator code has not been changed at all during last
couple of years.
Jouni Malinen PGP id EFC895FA
More information about the HostAP