Repository : ssh://git@diktynna/doc On branches: backup-redmine/2024-02-03,main

commit fbf9613096fb09d5cabe8c57b7b04398b771134e Author: Linus Lüssing linus.luessing@c0d3.blue Date: Sat Feb 3 05:45:09 2024 +0000

doc: open-mesh/OpenHarbors

fbf9613096fb09d5cabe8c57b7b04398b771134e open-mesh/OpenHarbors.textile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/open-mesh/OpenHarbors.textile b/open-mesh/OpenHarbors.textile index 56500b20..5b2cc6b2 100644 --- a/open-mesh/OpenHarbors.textile +++ b/open-mesh/OpenHarbors.textile @@ -37,10 +37,10 @@ Unfortunately, WPA-Enterprise / Hotspot 2.0/Passpoint like as follows has concep

With WPA-Enterprise:

-* WPA payload frames are encrypted between the client device (ak. supplicant) and the AP it connects to through the Pairwise-Master-Key +* WPA payload frames are encrypted between the client device (ak. supplicant) and the AP (ak. authenticator) it connects to through the Pairwise-Master-Key * The PMK is securely established via EAP between client device and a RADIUS server (ak. authentication server) * The communication between the AP and the RADIUS server might be encrypted via TLS ("RadSec":https://en.wikipedia.org/wiki/RadSec) -* However, the PMK after it was generated is then forwarded from the RADIUS server to and installed on the AP (ak. authenticator). +* However, the PMK after it was generated is then forwarded from the RADIUS server to and installed on the AP. -> the RADIUS server needs to **trust** the AP here

----