Talk:IEEE 802.1X

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing / Networking / Security (Rated C-class, Mid-importance)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Mid  This article has been rated as Mid-importance on the project's importance scale.
Taskforce icon
This article is supported by Networking task force (marked as Mid-importance).
Taskforce icon
This article is supported by WikiProject Computer Security (marked as Mid-importance).


In "RFC 2284 has been obsoleted by RFC 3748", should 'obseleted' by replaced by 'superceded' ? I've not heard obseleted before, but I'm hesitant to replace it in case it has some specific/technical meaning here.

Yes, in IETF usage, "obsoleted" is the word that is used. E.g., RFC 3748 reads "This document obsoletes RFC 2284".Derek Balsam 14:22, 4 September 2006 (UTC)

Generation of Keying material[edit]

This article describes (only) how a user is authenticated to a network. Although this is not part of the ieee802.1x standard, the authentication exchange will often establish a secret key (pairwise master key) between the authenticator and the supplicant. In the case of WPA, this key is later used to derive the keys used for encrypting the connection. I think it would be good to mention this, as it helps undestanding the relationship between 802.1x and other standards. What do others think? Jonas Wagner (talk) 09:23, 18 June 2010 (UTC)

WP:Be bold, but use sources. -- KelleyCook (talk) 11:42, 19 June 2010 (UTC)

Unix implementations[edit]

This article needs information regarding 802.1X implementations for Unix systems (Solaris, AIX, HP-UX, IRIX, Tru64, and others.) — Preceding unsigned comment added by (talk) 11:16, 21 July 2011 (UTC)

Also for Linux based systems. --Rprpr (talk) 14:00, 15 November 2012 (UTC)

MAC Bypass section relevance?[edit]

Although I do understand how this particular section is indirectly related to the topic, it seems to me as if a specific feature offered by network appliances that is not actually part of 802.1X itself seems a bit tangential and does not particularly contribute to the understanding of 802.1X. I propose that this section be removed; further input from others would be appreciated. Jonathan FarnhamJ 01:00, 6 February 2013 (UTC)

It does not strike me as irrelevant. Perhaps it is misplaced. It actually points out a significant weakness of 802.1X. You create a potentially large security hole and/or administrative headache connecting devices to your network that don't support 802.1X. There are many such devices. -—Kvng 15:46, 10 February 2013 (UTC)
Yes, this I understand-- however, in the example you give, it is the absence of 802.1X authentication in specific devices, rather than an issue with 802.1X itself that is the issue. Perhaps a "shortcomings" type of section might be good, with this particular facet included, however, it doesn't really fit into the Vulnerabilities section, and it definitely is misplaced where it currently is. Jonathan FarnhamJ 22:16, 10 February 2013 (UTC)
It is under a heading describing device support, and describes what happens when a device is not supported. — Preceding unsigned comment added by (talk) 23:55, 11 February 2013 (UTC)