Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

Reply
New Contributor
Posts: 2
Registered: ‎03-17-2009
My Device: Not Specified

Wi-fi eap-ttls - PAP inner security?

i've just got a blackberry 8900 and i can't connect to faculty wireless network due to a "pap - inner link security" demand.

anyone knows any program that can solve that? i've googled a bit and haven't found anything. (few opened topics that all end without a solution).

 

too bad blackberry doesn't support this since lots of universities (www.eduroam.org) and public organizations use this kinda protection, at least in my country. i believe this is a software, not hardware issue, any ideas on this "feature" ? Smiley Happy any words from the developers on this issue?

 

greetz, robert

Guru I
Posts: 19,012
Registered: ‎07-29-2008
My Device: Passport, Playbook, 9320BES
My Carrier: Bouygues _ SFR

Re: Wi-fi eap-ttls - PAP inner security?

PAP stands for "Password authentication protocol". Among all authentication protocols, it is one of the less secured one on earth (the password is broadcast in clear form in an ASCII format, without encryption at all). I do not see why anyone would like to use that.

I doubt that the number of servers using PAP will increase at all.



The search box on top-right of this page is your true friend, and the public Knowledge Base too:
New Contributor
Posts: 2
Registered: ‎03-17-2009
My Device: Not Specified

Re: Wi-fi eap-ttls - PAP inner security?

i'm affraid quite alot of european universities disagree with you on that, eduroam network (link above) uses exactly that. since it doesn't look they will change their protocol, it wouldn't be unreasonable to implement support. secure or not secure, it's widely used.
Guru I
Posts: 19,012
Registered: ‎07-29-2008
My Device: Passport, Playbook, 9320BES
My Carrier: Bouygues _ SFR

Re: Wi-fi eap-ttls - PAP inner security?

I'm just giving my own opinion. I do not with for RIM.

But when Microsoft and Mozilla corp. decided to drop support for SSL v2 because it was far less secure than SSL v3, well, millions of website could not be reached anymore with Internet Explorer or Mozilla Firefox. It's a question of being secure, and of being tolerant towards servers that are not secured.



The search box on top-right of this page is your true friend, and the public Knowledge Base too:
New Contributor
Posts: 2
Registered: ‎07-23-2009
My Device: Not Specified

Re: Wi-fi eap-ttls - PAP inner security?

TTLS-PAP is also used commonly by many organizations with non-Microsoft directory systems. And is commonly used by American universities as well. All three of the schools I attended, Harvard, Berkeley and UPenn, all used TTLS-PAP to secure their wireless networks.... Wild guess, those schools could be filled with idiots, but I'd venture a guess that they have people smart enough to deploy a wifi network properly.

 


Xandrex wrote: 
It's a question of being secure, and of being tolerant towards servers that are not secured.

This isn't accurate. Yes, PAP is not a secure password exchange method. But it is being sent through a TLS tunnel which is very secure. That is like saying sending a password in a web form through a SSL tunnel isn't secure. Well, actually, it is.

 

Also, it isn't for RIM to decide what is / isn't secure on user's wireless networks. Your analogy of SSLv2 just doesn't jive. If security was even an issue (it isn't) and PAP isn't supported because the RIM's great banevolence to their users, why is WEP still support? Or why are open networks supported?

 

All arguments aside TTLS-PAP is a very commonly used 802.1x authentication method supported by Windows Mobile, iPhone, Web OS, Mac OS X and Windows... RIM needs to get it together on this one.

Highlighted
Visitor
Posts: 1
Registered: ‎08-22-2009
My Device: Not Specified

Re: Wi-fi eap-ttls - PAP inner security?

I have the same problem. My university wifi is using TTLS and PAP. And I can't get this Blackbbery Wifi work.

My friend have an iPhone, he can connect to wifi with TTLS and PAP.

Do I need to upgrade my BB OS ?

New Contributor
Posts: 8
Registered: ‎06-27-2009
My Device: BB 8320

Re: Wi-fi eap-ttls - PAP inner security?

Most likey, you will need to upgrade to a non-Blackberry phone, since TTLS/PAP is not available in the 4.5 firmware.  Nor, according to beta testers, is it in 5.x.  Apparently everybody BUT BB supports it.

New Contributor
Posts: 4
Registered: ‎02-11-2010
My Device: bold 9000
My Carrier: tele2

Re: Wi-fi eap-ttls - PAP inner security?

Im very confused that programmers from respectable firm like RIM dont know how to implement this 200 lines of code from this rfc:

 

http://tools.ietf.org/html/rfc1334#section-2

 

I bought BB Bold 9000 and get awfull support for that. Just sentences: It cant be done, Not possible etc.

 

Because nobody in respectable firm like RIM took seriously demand for PAP protocol and problem of EDUORAM i will never buy RIM device again and I advice other dont buy that **bleep**.

New Member
Posts: 1
Registered: ‎03-16-2010
My Device: Curve 8900
My Carrier: AT&T

Re: Wi-fi eap-ttls - PAP inner security?

My school (UPenn which is in the US) also uses TTLS PAP. I bought the BB Curve 8900 so I could use wifi and now I'm very disappointed. If there is a solution I would be thrilled to hear about it.