Hi, On Thu, Sep 20, 2018 at 06:43:29AM -0400, Alan DeKok wrote:
On Sep 20, 2018, at 2:15 AM, Hans-Christian Esperer <hc@hcesperer.org> wrote:
Is there any advantage of TTLS over PEAP security wise?
Not a lot. They're both based on EAP-TLS, so they share that security.
Okay, thank you. I know this is not related to this thread anymore, but could you elaborate a bit on the "Not a lot"? Another question, while we're at it: I just read about WPA3 and realized that WPA2-PSK does not offer forward secrecy. AFAICT EAP-TLS, TTLS and PEAP *do* provide forward secrecy, as long as the TLS handshake establishes a session key via diffie hellman. Correct? Now I wonder whether EAP-PWD, which uses a PSK per user, also provides forward secrecy? My assumption is that it doesn't. Thanks HC