On May 12, 2017, at 12:57 PM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
On May 12, 2017, at 11:39 AM, Turner, Randy <Randy.Turner@landisgyr.com> wrote:
Hi
Just curious if anyone on the list could comment on the possibility of FreeRadius support for TLS 1.3 in the EAP-TLS implementation ?
TLS 1.3 hasn't been standardised yet, it's currently on draft 19. What in particular were you looking for from TLS 1.3?
In any case we use OpenSSL as the crypto library. Other than occasionally updating the PMK derivation algorithms, there's usually not much FreeRADIUS needs to do to support new TLS versions.
Looks like it's included in OpenSSL 1.1.1. I believe FreeRADIUS v3.0.x is compatible with 1.1.x, and v4 definitely is. Try building it and see if it works? :) -Arran