Some of Xfinity's hotspots service an SSID "XFINITY", which I gather is properly secured using WPA-EAP. (I have Xfinity service, so I should have an account.) So far, I have tracked down that it uses EAP-TTLS for the first phase authentication and GTC for the second phase. However, beyond that, I know nothing. My goal is to used these hotspots using a Fedora Linux machine. Ideally, someone out there has already worked out how to do this and the instructions are available somewhere. Failing that, I'm looking for any advice I can find, given that I'm not at all familiar with WPA-EAP. My understating is that EAP-TTLS is a method by which the AP uses a certificate to authenticate itself to the client, and seems to require that the client have a copy of the corresponding public certificate. The location of the public certificate seems to be specifiable via wpa_supplicant configuration. GTC seems to mean "generalized token card", which suggests that something external to wpa_supplicant is needed to act as the token card. The wpa_supplicant documentation says that GTC can be configured but doesn't make clear how wpa_supplicant is connected to the token card. I also am not sure what Xfinity uses for token cards when you connect to "XFINITY" with an Android or iPhone -- I suspect Xfinity's hooking-up process installs an app to function as the token card. Many thanks, Dale _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
