Wired

Derek Schuff schuffdl
Tue Jun 1 05:24:05 PDT 2004 

Even if the open1x authenticator worked, it may not be very useful anyway. For 
wired 802.1X setups, the authenticator is generally implemented at the 
switch, where you obviously can't just load your own software. I suppose it 
might be possible to have a host acting as a bridge between 2 networks and 
try having the authenticator there, (so unauthenticated clients could reach 
each other but not the rest of the network) but what kind of setup did you 
have in mind?

On Monday 31 May 2004 11:47 pm, Jouni Malinen wrote:
> On Mon, May 31, 2004 at 07:57:43AM +0200, Bastos Fernandez Alexandre wrote:
> > I am a newbie to the world of MAC security, and my interest is on
> > implementing authentication, key management and cryptography in a wired
> > 802.3 Ethernet.
> >
> > I have found that HostAP is the most popular implementation of the
> > Authenticator, but I have read that it is only for wireless (802.11)
> > networks. Is that true? Is there any plan to implement HostAP for wired
> > networks? Which are the points involved on such a implementations which
> > avoids using HostAP on 802.3? Does anyone know another open-source
> > Authenticator for wired LAN?
>
> Yes, it is true that the IEEE 802.1X Authenticator in hostapd is
> currently quite tightly integrated with IEEE 802.11 functionality and
> cannot be used on wired networks. I would prefer to make it much more
> modular in the same way as IEEE 802.1X Supplicant is in wpa_supplicant.
> This would make it easier to use the Authenticator functionality with
> both other wireless drivers and wired networks. However, I do not know
> when I will be able to get enough time to do this.
>
> Open1x project (http://www.open1x.org/) has another open source IEEE
> 802.1X Authenticator implementation which, I believe, was originally
> used on wired networks, so it might be another option for you. However,
> it looks like Open1x has been concentrating mostly on the Supplicant
> part and the Authenticator code has not been changed at all during last
> couple of years.

More information about the Hostap mailing list