EAP-TLS without client authentication
tnt at kalik.net
tnt at kalik.net
Thu Jan 8 20:08:20 CET 2009
>While WPA and WPA2 does provide for
>data-link encryption, it needs keying material to encrypt the
>communication. It can use a pre-shared key (PSK) for this purpose,
>but this has the drawbacks of communicating the key to the user and
>configuration on the end users part.
So they don't want PSK.
>The two downsides of this approach is similar to PSKs, in that you
>have to have a mechanism to communicate the configuration information,
>and the configuration is burdensome on the user. I have proposed this
>solution to hotspot operators whom, after testing, have rejected it as
>too difficult for the user.
And configuring something that Microsoft calls Zero Configuration is too
complicated.
Use captive portal then.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list