RFC4334 (obsoletes RFC3770) X.509 Extensions and Attributes for EAP-TLS WLANs
https://www.rfc-editor.org/rfc/rfc4334.txt
Surprisingly short read, with incredibly little – effectively “no” – information on anyone actually implementing it. Unsure at this point if anyone actually has, if it’s something that’s just done within larger proprietary systems, or whether it’s not done at all because clients don’t take advantage of it. Virtually every reference I could find to “SSIDList” or “id-aca-wlanSSID” points back to the RFC documents. This probably means that I need to create a few certificates, some with the attributes and some without, and test some clients to see if they will actually use the certificates automatically to associate to a WPA2 EAP-TLS protected network when they have a certificate with a matching ID. Time will probably not allow for this at any point in the near future.
Leave a Reply