wpa_supplicant and EAP-TLS
Tue Feb 24 20:58:57 PST 2004
On Mon, Feb 23, 2004 at 10:26:22PM -0800, Jouni Malinen wrote:
> The current implementation is still quite experimental, although mostly
> functional. Some parts have not yet been implemented and the
> implementation should not be considered to be secure at this point,
> e.g., due to missing Michael MIC countermeasures (hostapd) and server
> certificate verification (wpa_supplicant).
I fixed couple of bugs in the EAP-TLS code and wpa_supplicant should now
work correctly with it. Server certificate is now verified and
authentication is aborted if validation fails. So far, I have only
tested with FreeRADIUS as the authentication server. If someone happens
to test wpa_supplicant against other authentication servers, I would be
interested in hearing of results.
Jouni Malinen PGP id EFC895FA
More information about the Hostap