Wireless Provisioning Service Protocol

Josh Howlett josh.howlett at bristol.ac.uk
Fri Oct 7 23:28:57 CEST 2005


Hi Artur,

>> A much more sane approach, IMHO, is simple authentication-by-proxy  as 
>> implemented by several roaming consortia.
>
> are we still talking about L2 security? if yes, can you provide some  
> references on this? i don't know anything about it.

I mean EAP over RADIUS within a roaming consortium. A good example of 
one, which I'm involved in, is eduroam (www.eduroam.org).

Most of the effort in WPS is expended in provisioning configuration 
stuff (SSID names, etc). But it's reasonably trivial for a roaming 
consortium to agree on these without requiring a protocol like WPS.

>> Microsoft should put more effort into fixing their terribly broken  
>> supplicant, and stop trying to invent wheels...
> 
> that's where we almost agree :-) MS really could and should improve  
> their supplicant a lot, both in terms of correctness and in terms of  
> usability. it's still a pain in the ass to use. the supported EAP  
> methods are scarce. the API has changed several times since XP and  the 
> newest one is difficult to decipher... (greetings to Tom).
> 
> however, i do expect from somebody as big as microsoft to do  research, 
> to invent stuff and to specify new things. btw, that's what  the 
> community was always critisizing MS before. they did hire some of  the 
> best scientists (look at their R&D stuff), so why shouldn't they  invent 
> new things now?

It would be nice if this stuff ended up in their products, and worked!

josh.



More information about the Freeradius-Users mailing list