Jouni Malinen <j <at> w1.fi> writes: > Are you looking for a custom solution that would not work with anyone > else or a standard solutions like MACsec that Henry already mentioned? I'm not sure yet. I'm looking for any reasonable solution and obviously an accepted standard would be a plus, but I would not completely rule out a custom solution. > You could obviously make the kernel do some custom hacks like trying to > fit IEEE 802.11 encryption into other network types, but it would sound > more reasonable to work on a standard solution.. My ideal solution would work for both, wired Ethernet and 802.11 (in IBSS-mode btw.). > CCMP is designed for IEEE 802.11 header and as such, it does not really > work as-is with other network types. WPA-PSK 4-way handshake could be > used to manage keys with some small changes, but this would be very much > a custom solution. Thanks for sharing your insights. They are much appreciated! Initially I didn't provide much details because I thought that my questions were too far off topic for the wireless list. Since it seems people are willing to discuss it here, I'll provide a more detailed description of my problem: I'm working on a wireless communication system for public safety organizations. Normally it uses a wireless MANET with OLSR routing as backbone, but sometimes the OLSR MANET gets extended over wired Ethernet links. Up until now the communication is secured with IPsec. This works reasonably well for unicast data, but gets a really big headache for Multicast (think video from network cameras). Now I'm looking for a sane security solution that would work over both, 802.11 and Ethernet and supports Multicast. I could probably get an insane IPsec solution working, but it would feel less than satisfactory. Regards Joerg -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
