On 13/09/12 15:52, Francois Gaudreault wrote:
Well you are probably right, but when providers will start pushing 3G/4G offload for real (if they ever do), there are not many ways of doing it... I think :P The reason of those tests on our side is to support WISPr and/or NewGen hotspots with our product.
That's a big "if", IMO. EAP-SIM would in theory be quite nice for a number of reasons right now, even without offload. It's a built-in, secure credential. Unfortunately, as our off-list emails suggests, you can't get easy access to SIM secrets in the general case (for obvious reasons). So unless someone (i.e. the mobile phone providers) starts running a radius server you can proxy *.3gppnetwork.org to, I can't see EAP-SIM being part of the solution. Far more likely is manufacturer-installed X.509 certs and EAP-TLS or a variant, or even EAP-TEAP with PAC or cert provisioning.