This page uses content from Wikipedia and is licensed under CC BY-SA.
IEEE 802.11u-2011 is an amendment to the IEEE 802.11-2007 standard to add features that improve interworking with external networks.
802.11 is a family of IEEE technical standards for mobile communication devices such as laptop computers or multi-mode phones to join a wireless local area network (WLAN) widely used in the home, public hotspots and commercial establishments.
The IEEE 802.11u standard was published on February 25, 2011.
This provides a mapping between the IP’s differentiated services code point (DSCP) to over-the-air Layer 2 priority on a per-device basis, facilitating end-to-end QoS.
IEEE 802.11 currently makes an assumption that a user's device is pre-authorized to use the network. IEEE 802.11u covers the cases where that device is not pre-authorized. A network will be able to allow access based on the user's relationship with an external network (e.g. hotspot roaming agreements), or indicate that online enrollment is possible, or allow access to a strictly limited set of services such as emergency services (client to authority and authority to client.)
From a user perspective, the aim is to improve the experience of a traveling user who turns on a laptop in a hotel many miles from home, or uses a mobile device to place a phone call. Instead of being presented with a long list of largely meaningless SSIDs the user could be presented with a list of networks, the services they provide, and the conditions under which the user could access them. 802.11u is central to the adoption of UMA and other approaches to network mobile devices.
Because a relatively sophisticated set of conditions can be presented, arbitrary contracts could be presented to the user, and might include providing information on motive, demographics or geographic origin of the user. As such data is valuable to tourism promotion and other public functions, 802.11u is thought to motivate more extensive deployment of IEEE 802.11s mesh networks.
Mobile users, whose devices can move between 3G and Wi-Fi networks at a low level using 802.21 handoff, also need a unified and reliable way to authorize their access to all of those networks. 802.11u provides a common abstraction that all networks regardless of protocol can use to provide a common authentication experience.
The IEEE 802.11u requirements specification contains requirements in the areas of enrollment, network selection, emergency call support, emergency alert notification, user traffic segmentation, and service advertisement.
There have been proposals to use IEEE 802.11u for access points to signal that they allow EAP-TLS using only server-side authentication. Unlike most TLS implementations of HTTPS, such as major web browsers, the majority of implementations of EAP-TLS require client-side X.509 certificates without giving the option to disable the requirement, even though the standard does not mandate their use, which some have identified as having the potential to dramatically reduce adoption of EAP-TLS and prevent "open" but encrypted access points.
The certificate_request message is included when the server desires the peer to authenticate itself via public key. While the EAP server SHOULD require peer authentication, this is not mandatory, since there are circumstances in which peer authentication will not be needed (e.g., emergency services, as described in [UNAUTH]), or where the peer will authenticate via some other means.