Actually, the answer is yes, you can support dynamic WEP keys without an EAP authentication method. The way to do this is with a pre-shared key. This requires entering a key or pass phrase on both the client and AP, and enabling WPA-PSK as the security method. The AP and client then use the EAPOL-Key messages to exchange pairwise and group keys. Wi-Fi equipment with the WPA box checked on their capability label provide this function today. 802.11i includes it, as well.
-Bob -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nelson, David Sent: Wednesday, December 03, 2003 6:38 AM To: [EMAIL PROTECTED] Subject: RE: [BAWUG] Dynamic WEP Keys Krishna writes... > Can any one let me know, whether we can support > Dynamic WEP Keys without using EAP-methods like > EAP-TLS etc?? No. The IEEE 802.1X EAPOL key messages require TLS-based authentication to derive fresh session keys with which to protect the distribution of Dynamic WEP keys. While other key management methods are, of course, possible, they would be proprietary. Regards, Dave David B. Nelson Wireless & AAA Architect, Office of the CTO Enterasys Networks, Inc. 50 Minuteman Road Andover, MA 01810-1008 Phone: (978) 684-1330 E-mail: [EMAIL PROTECTED] -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
