What is your name?
What is your quest?
What is your favorite color?
— The Bridgekeeper
Monty Python and the Holy Grail
Security is a common thread linking many of the wireless LAN stories in the news throughout the past several years, and polls repeatedly show that network managers consider security to be a significant obstacle to wider deployment of wireless LANs. Many of the security problems that have prevented stronger acceptance of 802.11 are caused by flaws in the design of static WEP.
Manual WEP attempts to be too many solutions to multiple problems. It was intended to be used both for authentication, by restricting access to those in possession of a key, and confidentiality, by encrypting data as it traversed wireless links. In the final analysis, it does neither particularly well. Both authentication and confidentiality are important issues for wireless LANs, and the subject of a great deal of technology development since the first edition of this book.
This chapter takes on the problem of authentication, which is provided at the link layer through the use of 802.1X. 802.1X has matured a great deal since the first edition of this book, and is increasingly the authentication protocol of choice on wireless LANs. Static WEP authenticates machines in possession of a cryptographic key. 802.1X allows network administrators to authenticate users rather than machines, and can be used to ensure that users connect to legitimate, authorized ...