rsa key length in EAP-TLS.

Hi all, as of yesterday I have updated the certificates to use a 2048 bit key. The odd thing is that when I start freeradius, I get the message: tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 the length seems to be 512. (?) I would

fast auth time with EAP_TLS?

Dear all, I have setup a RADIUS server (freeradius of course) with an authenticator (hostapd 0.4.7) and a supplicant (wpa_supplicant 0.4.7). Both the last two use hostap-driver 0.4.7. I am using EAP-TLS (client and server certificates generated by the CA.all script included in freeradius)

Re: fast auth time with EAP_TLS?

the security of the system. Probably I am not making much sense, however, if you think that this is not a problem and this behavior looks normal to you, then it is good enough for me. Thanks, Andrea Alan DeKok wrote: Andrea G Forte [EMAIL PROTECTED] wrote: The problem is that it is taking too

Re: General question on Radius/802.1x

Thank you all for your help. Andrea -- Andrea G. Forte On Thu, 18 Nov 2004, Joe Matuscak wrote: On Thu, 18 Nov 2004, Andrea G. Forte wrote: The assumption made here is that the authenticator is the AP. I believe things would be much easier and still safe if one authenticator would

Re: General question on Radius/802.1x

The supplicant needs to authenticate anytime it wishes to get L2 access. It is an extention of the Authenticate Associate MAC processes. Why the authentication is done every single time L2 handoff occurs? Usually for 802.11b, I can cover a building floor with about two or three APs and for

Re: General question on Radius/802.1x

On 11/17/2004 11:01 AM, Andrea G. Forte wrote: Hi all, I am new to WPA/802.11i and I have a few doubts. I hope you can help me. What is not clear to me is how often a supplicant needs to authenticate to the server...is it everytime the supplicant performs a L2 handoff? The supplicant needs

Re: EAP-TLS and WEP key generation

and AP blank? Thanx in advance Chris Bradshaw From: Andrea G. Forte [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: EAP-TLS and WEP key generation Date: Wed, 19 May 2004 17:25:12 -0400 (EDT) Chris, the whole purpose of 802.1x is to generate a secure

Re: ...error with issuer certificate.

Hi all, we figured this problem out...but of course new are coming..so if we cannot solve them we will send another email to the list. Thank you all, Andrea On Wed, 19 May 2004, Andrea G. Forte wrote: Hi all, I am new to the list and to radius. I am using: -Laptop1: AP/hostap with 802.1x

Re: EAP-TLS and WEP key generation

Chris, the whole purpose of 802.1x is to generate a secure auth mechanism and dynamic re-keying. I have used hostapd together with freeradius and the key generation as well as the re-keying are automatic. You can set the re-keying interval as well. I am not familiar with your setup, but a way to