

<META content="text/html; charset=gb2312" http-equiv=Content-Type>

<META name=GENERATOR content="MSHTML 8.00.6001.19019">


<DIV><FONT color=#000080 size=2 face=Verdana><FONT color=#000000> </FONT>I 

think the packets described in red rect should be communicate 

between client and server, when the certificate verification failed. 

</FONT></DIV>

<DIV><IMG src="/attachment/4565453/0/Catch0.bmp"></DIV>

<DIV><FONT color=#000080 size=2 face=Verdana></FONT> </DIV>

<DIV><FONT color=#000080 size=2 face=Verdana></FONT> </DIV>

<DIV><FONT color=#c0c0c0 size=2 face=Verdana>2011-07-09 </FONT></DIV><FONT 

color=#000080 size=2 face=Verdana>

<HR style="WIDTH: 122px; HEIGHT: 2px" align=left SIZE=2>

</FONT>

<DIV><FONT color=#c0c0c0 size=2 face=Verdana><SPAN>yuqiang1973</SPAN> 

</FONT></DIV><FONT color=#000080 size=2 face=Verdana>

<HR>

</FONT>

<DIV><FONT size=2 face=Verdana><STRONG>发件人：</STRONG> Alan DeKok-2 [via 

FreeRadius] </FONT></DIV>

<DIV><FONT size=2 face=Verdana><STRONG>发送时间：</STRONG> 2011-07-09  00:21:07 

</FONT></DIV>

<DIV><FONT size=2 face=Verdana><STRONG>收件人：</STRONG> yuqiang </FONT></DIV>

<DIV><FONT size=2 face=Verdana><STRONG>抄送：</STRONG> </FONT></DIV>

<DIV><FONT size=2 face=Verdana><STRONG>主题：</STRONG> Re: Missing SSL Change 

Cipher Spec in EAP-TLS withClientCertificate verify failed </FONT></DIV>

<DIV><FONT size=2 face=Verdana></FONT> </DIV>

<DIV><FONT size=2 face=Verdana>Phil Mayers wrote: <BR>> EAP-TLS in FreeRADIUS 

WORKS. Stop posting nonsense about RFC compliance. <BR><BR>  If the 

certificate verification fails, then the server is *supposed* <BR>to stop the 

EAP-TLS conversation. <BR><BR>> FreeRADIUS just uses OpenSSL. OpenSSL works. 

OpenSSL is compliant with <BR>> the standards. <BR>> <BR>> There is 

nothing wrong with FreeRADIUS or OpenSSL. <BR><BR>  Everything is working 

as expected, and as required by the specifications. <BR><BR>  Alan DeKok. 

<BR>- <BR>List info/subscribe/unsubscribe? See <A 

href="http://www.freeradius.org/list/devel.html" rel="nofollow" target=_top link="external">http://www.freeradius.org/list/devel.html</A><BR><BR><BR>

<HR color=#cccccc SIZE=1 noShade>


<DIV style="FONT: 12px tahoma,geneva,helvetica,arial,sans-serif; COLOR: #444">

<DIV style="FONT-WEIGHT: bold">If you reply to this email, your message will be 

added to the discussion below:</DIV><A 

href="http://freeradius.1045715.n5.nabble.com/Missing-SSL-Change-Cipher-Spec-in-EAP-TLS-with-Client-Certificate-verify-failed-tp4565228p4565389.html" target="_top" rel="nofollow" link="external">http://freeradius.1045715.n5.nabble.com/Missing-SSL-Change-Cipher-Spec-in-EAP-TLS-with-Client-Certificate-verify-failed-tp4565228p4565389.html</A> 

</DIV>

<DIV 

style="MARGIN-TOP: 0.4em; FONT: 11px tahoma,geneva,helvetica,arial,sans-serif; COLOR: #666">To 

unsubscribe from Missing SSL Change Cipher Spec in EAP-TLS with Client 

Certificate verify failed, <A 

href="" target="_top" rel="nofollow" link="external">click 

here</A>. </DIV></FONT></DIV>


<br/><hr align="left" width="300" />

View this message in context: <a href="http://freeradius.1045715.n5.nabble.com/Missing-SSL-Change-Cipher-Spec-in-EAP-TLS-with-Client-Certificate-verify-failed-tp4565228p4565453.html">Re: Re: Missing SSL Change Cipher Spec in EAP-TLS withClientCertificate verify failed</a><br/>

Sent from the <a href="http://freeradius.1045715.n5.nabble.com/FreeRadius-Dev-f2789673.html">FreeRadius - Dev mailing list archive</a> at Nabble.com.<br/>