On Sep 16, 2019, at 5:49 AM, Jan-Frederik Rieckers <rieckers+freeradius-devel@uni-bremen.de> wrote:
I'm currently testing freeradius v4 with eduroam and have encountered an issue with TLS 1.3:
We don't recommend most people use v4. It's not officially released, some things don't work, and the code changes radically from day to day. For similar reasons, we don't recommend people use TLS 1.3. The EAP-TLS specification isn't finished, and neither is the one for EAP-TTLS.
Since I currently don't have any other TLS1.3 capable radius server to test I just wanted to ask: Is this a problem in FreeRADIUS or in wpa_supplicant?
There's a reason no TLS 1.3-capable RADIUS server exists. The specifications aren't finished. If TLS 1.3 works, it's magic. Wonderful. If it doesn't work, wait for the standards to be published. Alan DeKok.