Re: 802.1X-2010 compliance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jouni,

Many thanks for replying. Since 802.1X-2010 compliance is mandatory
for my requirement, I am planning to make EAPOL state machine
implementation of hostap to be compliant to 2010 standard and I have
some questions regarding this.

1. After comparing EAPOL state machines of 802.1X-2004 & 802.1X-2010,
I noticed that, some intermediate states are removed in 2010 standard.
Is this to solve some vulnerabilities of 802.1X-2004 standard or to
make the state machine simple? If state machine definition is changed
to just to make it simple, I think, we can still retain the existing
state machine implementation of hostap.
2. 802.1X-2010 standard does not talk about EAPOL back-end state
machine. So I believe, I can retain the implementation of back-end
state machine of hostap as is. Correct me If I am wrong here.

Regards,
Badrish

On Tue, Feb 23, 2016 at 4:04 PM, Jouni Malinen <j@xxxxx> wrote:
> On Tue, Feb 23, 2016 at 11:35:16AM +0530, Badrish Adiga H R wrote:
>> are EAPOL & EAP state machine implementations in hostapd &
>> wpa_supplicant 802.1X-2010 compliance. If no, what extra we might have
>> to implement to be compliant to mandatory requirements of IEEE
>> 802.1X-2010 standard?
>
> The main EAPOL implementation used in hostapd and wpa_supplicant
> (src/eapol_auth/* and src/eapol_supp/*) is actually based on IEEE Std
> 802.1X-2004, not the 2010 version. Only the MACsec related supplicant
> side implementation in src/pae/* is based on the 2010 version.
>
> --
> Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux