Network Computingwww.networkcomputing.com

The IEEE 802 LAN/MAN Standards Committee began meeting in 1980, and has produced an abundance of technologies, including 802.3 (Ethernet), 802.4 (Token Ring) and 802.11 (wireless LAN). The 802.1 committee is the working group for higher-layer LAN protocols, including the overall 802 architecture, MAC bridging and network management. The 802.1d standard for MAC bridges (switches) and the 802.1Q standard for VLANs are the best-known standards to emerge from this group--so far, anyway. That may change: The 802.1x committee is working on providing a standards-based solution to access control for the entire range of 802 technologies.

"802.1x is intended as a general-purpose access-control mechanism for LAN ports, not just for 802.11," says Tony Jeffree, chairman of the working group. "The authentication mechanism is based on Extensible Authentication Protocol in RADIUS."

RADIUS (Remote Authentication Dial-In User Service) is an IETF standard method for providing authentication services. Extensible Authentication Protocol (EAP) lets a client negotiate authentication protocols with the authentication server. For example, a client could check to see if the server would use a certain type of smartcard and, if not, might agree to use CHAP (Challenge Handshake Authentication Protocol).

According to Jeffree, the 802.1x standard allows encryption keys for the connection to be exchanged. However, the 802.11b committee must provide the details of the algorithms that would use the key. The standard could complete its external Sponsor Ballot by March. It would then require final standards board approval and could appear in products in the first half of 2002.