[RFC][PATCH 0/5] wpa_supplicant: Support realms according to 3GPP TS 23.003

Simon Baatz gmbnomis
Wed Jan 4 13:25:01 PST 2012


Am 04.01.2012 19:25, schrieb Dan Williams:
> Does the user or sysadmin just have to know that the realm is
> required? Or can this be determined automatically? 

According to the EAP-SIM RFC, basically the user or sysadmin has to know
if a realm has to be used (see RFC 4186, section 4.2.1.5. NAI Realm
Portion) and how the realm should look like. However, if no realm has
been configured, the peer may use the 3gppnetwork.org realm.
As far as I know, the use the of 3gppnetwork.org realm in existing
terminal implementations is very common, i.e. it is used automatically
once EAP-SIM/AKA is enabled.

With respect to the server part, the EAP-SIM/AKA servers of hostapd
don't require a realm. If a realm is present, they accept any realm.
Additionally, there is RFC 4284, which allows the server to provide
identity selection hints in the form of a list of realms (this is not
specific to EAP-SIM/AKA). This may be configured on the server side
today (see example hostapd.conf). I don't think that this is currently
supported by wpa_supplicant (and I have no idea whether supporting this
would solve any real problem).

- Simon



More information about the Hostap mailing list