WPA EAP-TLS
From: Steve (no-address_at_hatespam.com)
Date: 06/20/04
- Next message: Steve: "Re: simple theoretical 802.1x question"
- Previous message: Maarten: "simple theoretical 802.1x question"
- Next in thread: Steve: "Authorizing a EAP-TLS client"
- Reply: Steve: "Authorizing a EAP-TLS client"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 20 Jun 2004 09:41:32 GMT
General questions on WPA and IAS authentication of a WPA EAP-TLS client with
the MS CryptAPI.
I am trying to understand what would be involved in supporting a
non-Microsoft WPA client where the client has embedded within it an X.509
certificate. The embedded certificate would NOT have user identifying
information in it, but would instead have information related to the device
(CN=serial number for example). In effect this is a 'computer certificate'
although this client would not be part of a domain and has nothing to do
with Microsoft's computer certificates.
I believe the first thing I would need is a CSP that is an RSA Schannel CSP.
Once I had my own CSP, how much control does my CSP have to verify the
client certificates? Does IAS and the CryptoAPI enforce any expectations on
the contents of a client certificate that is used for WPA if the certificate
is in fact mapped to a non-Microsoft CSP?
Steve
- Next message: Steve: "Re: simple theoretical 802.1x question"
- Previous message: Maarten: "simple theoretical 802.1x question"
- Next in thread: Steve: "Authorizing a EAP-TLS client"
- Reply: Steve: "Authorizing a EAP-TLS client"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
