public secret and public radius server. Is it secure?
Alan DeKok
aland at nitros9.org
Tue Jun 6 17:22:14 CEST 2006
Stefan Winter <stefan.winter at restena.lu> wrote:
> this is again an example where a RadSec extension would come in extremely
> handy. Short wrapup: RadSec establishes connections via TCP and TLS and
> transports the RADIUS payload over it, so clients can be identified by their
> TLS certificate; IPs and shred secrets become obsolete.
This is *extremely* useful, and solves a lot of deployment problems.
> I am working on a formal specification of RadSec right now, of which
> I hope it will somehow find a way into the Informational RFC
> track. There is a lot more potential in it than the OSC Whitepaper
> suggests.
I'm available to work on it too, if you need help.
> It would be really great to get an implementation of this in FR.
I don't think it's that hard, it just needs to be done.
Alan DeKok.
More information about the Freeradius-Users
mailing list