From: Hans Schultz <schultz.hans@gmail.com>
To: Jakub Kicinski <kuba@kernel.org>, Hans Schultz <schultz.hans@gmail.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: Re: [PATCH net-next v2 0/5] Add support for locked bridge ports (for 802.1X)
Date: Mon, 14 Feb 2022 09:58:12 +0100 [thread overview]
Message-ID: <86h791hljv.fsf@gmail.com> (raw)
In-Reply-To: <20220211145957.5680d99b@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
On fre, feb 11, 2022 at 14:59, Jakub Kicinski <kuba@kernel.org> wrote:
> On Wed, 9 Feb 2022 14:05:32 +0100 Hans Schultz wrote:
>> The most common approach is to use the IEEE 802.1X protocol to take
>> care of the authorization of allowed users to gain access by opening
>> for the source address of the authorized host.
>
> noob question - this is 802.1x without crypto? I'm trying to understand
> the system you're describing.
No, user space will take care of authentication, f.ex. hostapd, so in a
typical setup the supplicant and the authentication daemon will take
care of all crypto related stuff in their communication.
So the authentication daemon will open the port for the authenticated
supplicant. See the cover letter.
next prev parent reply other threads:[~2022-02-14 8:58 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-09 13:05 [PATCH net-next v2 0/5] Add support for locked bridge ports (for 802.1X) Hans Schultz
2022-02-09 13:05 ` [PATCH net-next v2 1/5] net: bridge: Add support for bridge port in locked mode Hans Schultz
2022-02-10 8:30 ` Nikolay Aleksandrov
2022-02-10 10:20 ` Ido Schimmel
2022-02-09 13:05 ` [PATCH net-next v2 2/5] net: bridge: Add support for offloading of locked port flag Hans Schultz
2022-02-10 8:30 ` Nikolay Aleksandrov
2022-02-09 13:05 ` [PATCH net-next v2 3/5] net: dsa: Add support for offloaded " Hans Schultz
2022-02-10 17:09 ` Vladimir Oltean
2022-02-09 13:05 ` [PATCH net-next v2 4/5] net: dsa: mv88e6xxx: Add support for bridge port locked mode Hans Schultz
2022-02-09 13:05 ` [PATCH net-next v2 5/5] net: bridge: Refactor bridge port in locked mode to use jump labels Hans Schultz
2022-02-10 8:31 ` Nikolay Aleksandrov
2022-02-10 9:22 ` Hans Schultz
2022-02-09 16:31 ` [PATCH net-next v2 0/5] Add support for locked bridge ports (for 802.1X) Ido Schimmel
2022-02-10 9:07 ` Hans Schultz
2022-02-10 10:24 ` Ido Schimmel
2022-02-11 18:11 ` Florian Fainelli
2022-02-11 21:01 ` Vladimir Oltean
2022-02-13 18:44 ` Tobias Waldekranz
2022-02-11 22:59 ` Jakub Kicinski
2022-02-14 8:58 ` Hans Schultz [this message]
2022-02-14 16:16 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86h791hljv.fsf@gmail.com \
--to=schultz.hans@gmail.com \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).