From: jpo234 <pommnitz@yahoo.com>
To: linux-wireless@vger.kernel.org
Subject: Re: WPA for Ethernet?
Date: Mon, 14 Feb 2011 13:03:53 +0000 (UTC) [thread overview]
Message-ID: <loom.20110214T134440-308@post.gmane.org> (raw)
In-Reply-To: 20110214121013.GA6431@jm.kir.nu
Jouni Malinen <j <at> w1.fi> writes:
> Are you looking for a custom solution that would not work with anyone
> else or a standard solutions like MACsec that Henry already mentioned?
I'm not sure yet. I'm looking for any reasonable solution and obviously
an accepted standard would be a plus, but I would not completely rule out
a custom solution.
> You could obviously make the kernel do some custom hacks like trying to
> fit IEEE 802.11 encryption into other network types, but it would sound
> more reasonable to work on a standard solution..
My ideal solution would work for both, wired Ethernet and 802.11 (in
IBSS-mode btw.).
> CCMP is designed for IEEE 802.11 header and as such, it does not really
> work as-is with other network types. WPA-PSK 4-way handshake could be
> used to manage keys with some small changes, but this would be very much
> a custom solution.
Thanks for sharing your insights. They are much appreciated!
Initially I didn't provide much details because I thought that my questions
were too far off topic for the wireless list. Since it seems people are willing
to discuss it here, I'll provide a more detailed description of my problem:
I'm working on a wireless communication system for public safety organizations.
Normally it uses a wireless MANET with OLSR routing as backbone, but sometimes
the OLSR MANET gets extended over wired Ethernet links.
Up until now the communication is secured with IPsec. This works reasonably
well for unicast data, but gets a really big headache for Multicast (think
video from network cameras).
Now I'm looking for a sane security solution that would work over both, 802.11
and Ethernet and supports Multicast. I could probably get an insane IPsec
solution working, but it would feel less than satisfactory.
Regards
Joerg
next prev parent reply other threads:[~2011-02-14 13:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-11 15:39 WPA for Ethernet? jpo234
2011-02-11 16:28 ` John W. Linville
2011-02-12 0:08 ` jpo
2011-02-14 12:10 ` Jouni Malinen
2011-02-14 13:03 ` jpo234 [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-02-11 16:51 Henry Ptasinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=loom.20110214T134440-308@post.gmane.org \
--to=pommnitz@yahoo.com \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).