Marc Lobelle wrote:
>> ...
>> With the putback of the project "PSARC 2006/046
>> Wireless WPA
>> Supplicant", the framework of WPA
>> has been integrated into Solaris build 64, it
>> included: a new service
>> "network/wpa" is introduced, the
>> libdladm/dladm, gldv3/mac-wifi plugin, net80211
>> kernel module, ath
>> driver, and nwam have been enhanced
>> to support the WPA/WPA2.
>>
>> At present, we have 5 drivers supporting WPA/WPA2:
>> ath, iwi, wpi, ral,
>> iwk, and if a new driver want to support
>> WPA in future, it's very easy, just additional 2
>> lines codes will be okay.
>>
>
> Is all this integrated in SOLARIS10U4 or is there a patch to add it, and, if
> yes does this patch need a maintenance subscription ?
>
No, the WPA and WiFi driver are only available in Nevada/OpenSolaris.
--
Quaker
> (With this we may hope to get ttls when it becomes available. It is less true
> with the original supplicant, if I understand well)
>
> Marc
>
> Thanks
>
>>>
>>> - some additional porting required for
>>>
>> wpa_supplicant?
>>
>>>
>>>
>> Yes, to support WPA-Enterprise, we need to implement
>> the full IEEE802.1X
>> protocol to the wpa daemon, plus those
>> EAP methods, such as EAP-TLS, EAP-TTLS, ... etc. We
>> need to enhance the
>> libdladm/dladm to support the
>> WPA-Enterprise configuration, nwam too. Since there
>> are some sensitive
>> informations in WPA-Enterprise, like certificates,
>> usernames/passwords, etc, KMF is a must to do this.
>>
>> Wifi drivers and gldv3/net80211 kernel modules
>> needn't to be changed
>> when we go to the WPA-Enterprise..
>>
>> Thanks,
>>
>> --
>> Quaker
>>
>>> or a combination of the three?
>>>
>>>
>>> Features
>>> --------
>>>
>>> Supported WPA/IEEE 802.11i features:
>>> - WPA-PSK ("WPA-Personal")
>>> - WPA with EAP (e.g., with RADIUS authentication
>>>
>> server) ("WPA-Enterprise")
>>
>>> Following authentication methods are supported
>>>
>> with an integrate IEEE 802.1X
>>
>>> Supplicant:
>>> * EAP-TLS
>>> * EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
>>> * EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
>>> * EAP-PEAP/GTC (both PEAPv0 and PEAPv1)
>>> * EAP-PEAP/OTP (both PEAPv0 and PEAPv1)
>>> * EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)
>>> * EAP-TTLS/EAP-MD5-Challenge
>>> * EAP-TTLS/EAP-GTC
>>> * EAP-TTLS/EAP-OTP
>>> * EAP-TTLS/EAP-MSCHAPv2
>>> * EAP-TTLS/EAP-TLS
>>> * EAP-TTLS/MSCHAPv2
>>> * EAP-TTLS/MSCHAP
>>> * EAP-TTLS/PAP
>>> * EAP-TTLS/CHAP
>>> * EAP-SIM
>>> * LEAP (note: only with WEP keys, i.e., not for
>>>
>> WPA; in addition, LEAP
>>
>>> requires special support from the driver
>>>
>> for IEEE 802.11
>>
>>> authentication)
>>> (following methods are supported, but since they
>>>
>> do not generate keying
>>
>>> material, they cannot be used with WPA or IEEE
>>>
>> 802.1X WEP keying)
>>
>>> * EAP-MD5-Challenge
>>> * EAP-MSCHAPv2
>>> * EAP-GTC
>>> * EAP-OTP
>>> Alternatively, an external program, e.g.,
>>>
>> Xsupplicant, can be used for EAP
>>
>>> authentication.
>>> - key management for CCMP, TKIP, WEP104, WEP40
>>> - RSN/WPA2 (IEEE 802.11i)
>>> * pre-authentication
>>> * PMKSA caching
>>>
>>>
>>>
>>> Casper
>>> _______________________________________________
>>> laptop-discuss mailing list
>>> laptop-discuss at opensolaris.org
>>>
>>>
>> _______________________________________________
>> laptop-discuss mailing list
>> laptop-discuss at opensolaris.org
>>
>
>
> This message posted from opensolaris.org
> _______________________________________________
> laptop-discuss mailing list
> laptop-discuss at opensolaris.org
>
