18 Nov
2014
18 Nov
'14
12:10 p.m.
Phil, I agree with you to the extent that simply modifying the default configuration file to define a cipher_list would be a rather poor idea as it would stick around as best practices change. I think the right approach is to change the behaviour of FreeRADIUS so that it sets a sane cipher suites configuration where cipher_list isn't defined in eap.conf. As new releases of FreeRADIUS come out, this can be easily changed as becomes necessary as best practices change. Nick