EAP + EAPOL state machines

Jouni Malinen j at w1.fi
Mon Sep 21 20:42:55 EDT 2009


On Sat, Sep 19, 2009 at 11:01:55AM +0300, Paul Roit wrote:

> The process was revolving state machines SUPP_PAE,
> KEY_RX, SUPP_BE, and the peer's state machine

These are IEEE 802.1X/EAPOL state machines.

> Could you please elaborate on the meaning of the first three?
> What is PAE, KEY_RX and BE?

PAE is Port Access Entity, KEY_RX is key receive, and BE is backend
state machine. IEEE Std 802.1X-2004 provides more details.

> rfc 4137 only mentiones peer's sm and a full-authenticator
>  (in a pass through mode). Which sm is responsible for what?

RFC 4137 defines the EAP peer state machines. IEEE Std 802.1X-2004
defines the EAPOL supplicant state machines.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list