From owner-freebsd-stable@FreeBSD.ORG  Wed Jul 23 03:40:30 2003
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CAB0F37B401
	for <freebsd-stable@freebsd.org>;
	Wed, 23 Jul 2003 03:40:30 -0700 (PDT)
Received: from mail.rfc1149.net (marvin.enst.fr [137.194.161.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1A00043F75
	for <freebsd-stable@freebsd.org>;
	Wed, 23 Jul 2003 03:40:30 -0700 (PDT)	(envelope-from sam@rfc1149.net)
Received: from beeblebrox.rfc1149.net (beeblebrox-tun.enst.fr
	[137.194.161.40])	by mail.rfc1149.net (Postfix) with ESMTP
	id A78A7A802E; Wed, 23 Jul 2003 12:40:27 +0200 (CEST)
Received: by beeblebrox.rfc1149.net (Postfix, from userid 1000)
	id DE7F2341; Wed, 23 Jul 2003 12:40:26 +0200 (CEST)
Date: Wed, 23 Jul 2003 12:40:26 +0200
To: Christophe Prevotaux <c.prevotaux@hexanet.fr>
References: <87adb5a7bd.fsf@inf.enst.fr> <3F1E6216.4060707@fsn.hu>
	<2003-07-23-12-27-43+trackit+sam@rfc1149.net>
	<20030723123653.05f03267.c.prevotaux@hexanet.fr>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030723123653.05f03267.c.prevotaux@hexanet.fr>
User-Agent: Mutt/1.4.1i
From: Samuel Tardieu <sam@rfc1149.net>
Organization: RFC 1149 (see http://www.rfc1149.net/)
Content-Transfer-Encoding: 8bit
Precedence: special-delivery
X-WWW: http://www.rfc1149.net/sam
X-Mail-Processing: Sam's procmail tools
X-Jabber: <sam@amessage.de> (see http://www.jabber.org/)
X-OpenPGP-Fingerprint: 79C0 AE3C CEA8 F17B 0EF1  45A5 F133 2241 1B80 ADE6 (see
	http://www.gnupg.org/)
X-Sam-Laptop: yes
Message-Id: <2003-07-23-12-40-26+trackit+sam@rfc1149.net>
cc: freebsd-stable@freebsd.org
Subject: Re: 802.1x
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jul 2003 10:40:31 -0000

On 23/07, Christophe Prevotaux wrote:

| AFAIK , 802.1x will only do auth and do any equivalent of VPN
| if you need to crypt the transmission of the data and not only auth
| then you need to do something else like PPTP , IPSEC etc...

That's exactly (the "auth" part) what I want to do. I already use IPSEC
in tunnel mode, but I'd prefer separate authentication and crypto (the
former goes between the mobile device and the access point while the
latter is between the mobile device and the service being accessed).

| I also would someone to make include open802.1x in the port tree
| I have not seen it in there so far

Did anyone test it with FreeBSD?

  Sam