RFC 3748 compliancy
Alan DeKok
aland at deployingradius.com
Thu Feb 1 08:43:29 CET 2007
Geoffroy Arnoud wrote:
> I took a look at EAP method source code (even if
> crypto is not my speciality), and I'm wondering if all
> EAP methods shipped into freeRADIUS are compliant with
> RFC3748, regarding MSK and EMSK generation?
No. EAP-MD5 explicitely doesn't do MSK generation.
> Which are the EAP methods that supports key
> derivation?
All of the SSL enabled methods. (PEAP, TLS, TTLS, SIM).
> And regarding other EAP methods, is there a way to add
> EMSK generation (maybe this is a stupid question)?
src/modules/rlm_eap/libeap/eapcrypto.c
It already does EMSK generation for SIM.
> I need those answers to see if FreeRADIUS would be
> able to act as a EAP RADIUS server compliant with
> WiMAX NWG stage 3.
I'm not sure what that means. Can you clarify?
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Devel
mailing list