Search Linux Wireless

Re: [PATCH 0/5] [mac|nl]80211: SAE mesh and userspace authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jouni,

On Sun, Feb 27, 2011 at 1:43 AM, Jouni Malinen <j@xxxxx> wrote:
> On Fri, Feb 25, 2011 at 05:32:35PM -0800, Thomas Pedersen wrote:
>> This patch series introduces support for userspace SAE (Simultaneous
>> Authentication of Equals) daemons through nl80211 and mac80211. This
>> authentication scheme is documented in IEEE 802.11s section 8.2a.1.
>
> While the SAE mechanism is specified in IEEE 802.11s, it is not in any
> way specific to mesh. Some of these patches looked generic, but at least
> the one touching ieee80211_default_mgmt_stypes addressed only the mesh
> point iftype. Do you have plans on making this more generic to allow SAE
> to be used in station mode interface with WPA2-Personal?

Our goal is to implement SAE for mesh mode interfaces in the most
generic way so it can easily be extended for station mode interfaces.
If we have the bandwidth, we might try to implement station mode
support ourselves, but can't guarantee it at this time.  We'll gladly
accept feedback on the best way to implement SAE support in the most
generic way.

> I would assume that AP side can already be handled in hostapd without kernel changes,
> but it would be useful to allow wpa_supplicant to implement SAE for the
> station interface even if there is no use of mesh in the network.

We have prototyped an SAE authentication daemon here:
https://github.com/cozybit/authsae . The current version successfully
authenticates mesh nodes (the kernel requires the patches in this
series).  The next step is to roll that functionality into
wpa_supplicant and hope that the maintainer considers our patches
favorably.  When we do that we'll make sure that we cover the case of
station interfaces, but I don't think we'll be able to implement the
AP side in hostapd.  Do you have plans to support SAE in hostapd?

Cheers,

Javier

-- 
Javier Cardona
cozybit Inc.
http://www.cozybit.com
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux