23 Jun
2005
23 Jun
'05
7:33 p.m.
"Tahseen Hussain" <stud3080@itu.dk> wrote:
The problem is end-to-end security in proxy chaining envrionment. What ever may be the protocol(CHAP or any EAP method) proxy server can see the passwrod
No. This is NOT true. With CHAP or MS-CHAP, the proxying server does not see the password. With EAP, the proxying server MAY see the password, depending on the EAP type, and how the proxying works. It will NOT see the password for EAP-MD5, PEAP (MSCHAPv2), EAP-TLS, EAP-SIM, etc. Please understand how the existing protocols work before designing another one. Alan DeKok.