Certificate Provisioning for EAP-TLS Networks

Luciano Afranllie listas.luafran at gmail.com
Thu Jan 29 17:02:01 CET 2009


On Thu, Jan 29, 2009 at 12:52 PM, Matt Causey <matt.causey at gmail.com> wrote:
> I am running FreeRadius at my company on a WLAN - using SSL key
> material issued by our internal certificate authority.  All is well.
>
> However a pretty big limitation of this security architecture is of
> course getting the SSL key material onto the devices.  In our case -
> the devices are SIP phones with no wired ethernet connection.  I know
> there are other sites with similar issues.
>
> I would like to hear some ideas on what folks are doing to manage SSL
> key material on devices.  This would include initial key provisioning
> and re-keying when certs expire.  Presently ours expire every 90 days.
>
> Thoughts?

You can check and may be take some ideas from wimax forum guys.

Go to www.wimaxforum.org. Register and login. Go to Network Working
Group and check for OTA Provisioning and Network Architecture (stage 2
and 3) specifications.

Regards
Luciano



More information about the Freeradius-Users mailing list