EAP SIM - fresh RANDs
Hi, Is free radius compliant to RFC 4186? In particular, with respect to section 10.9 which says, The EAP server MUST obtain fresh RANDs for each EAP-SIM full authentication exchange. More specifically, the server MUST consider RANDs it included in AT_RAND to be consumed if the server receives an EAP-Response/SIM/Challenge packet with a valid AT_MAC, or an EAP-Response/SIM/Client-Error with the code "insufficient number of challenges" or "RANDs are not fresh". However, in other cases (if the server does not receive a response to its EAP-Request/SIM/Challenge packet, or if the server receives a response other than the cases listed above), the server does not need to consider the RANDs to be consumed, and the server MAY re-use the RANDs in the AT_RAND attribute of the next full authentication attempt. If compliant, how to configure it to generate fresh RANDs? Thanks, Sateesh Forgot the famous last words? Access your message archive online at http://in.messenger.yahoo.com/webmessengerpromo.php
participants (1)
-
sateesh busam