Hi, > In terms of major EAP deployments that support inter-domain roaming > with substantial usage, one deployment (EDUROAM) is several orders of > magnitude larger than any other that I am aware of. I can confirm taht eduroam is EAP with mutual authentication only, and spans some 35 countries right now; approx. 500 universities and other scientific institutions. I'm not aware of any larger deployment in the world. BTW, we do see some shortcomings of EAPoL and 802.1X, most notably the lack of properly informing the user what went wrong if something went wrong. But that's another story and OT here I guess. > As far as I know, EDUROAM does not use Diameter nor are there any > major deployments of Diameter EAP. We seriously considered it, but since Diameter+NASREQ+EAP + decent backend connections didn't manifest implementation-wise, it was never taken further. RadSec solved most of the problems we had. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Attachment:
signature.asc
Description: This is a digitally signed message part.