(no subject)
Martin Gadbois
martin.gadbois at colubris.com
Fri Dec 1 19:15:23 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thibault Le Meur wrote:
> EAP-TTLS requires only a server-side cert. The client-side authentication is
> performed through an inner TLS tunnel and is usually PAP (but can be any EAP
> method).
>
Several 801.1x/WPA clients can elect _not_ to verify the server's
certificate with EAP-TTLS and EAP-PEAP.
This allows Man-in-the-middle attacks.
- --
============== +----------------------------------------------+
Martin Gadbois | "Windows might take you from 0 to 60 faster, |
S/W Developer | but to go to 100 you need Unix." |
Colubris Networks Inc. +----------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFcHE79Y3/iTTCEDkRAmcaAJ4zhaOrgU2eJu+DYjxJ1LeeLj4LRgCgrHfg
znf7AG/N0tZsXjiKtEM/XZ4=
=Lm4S
-----END PGP SIGNATURE-----
More information about the Freeradius-Users
mailing list