public secret and public radius server. Is it secure?
Stefan Winter
stefan.winter at restena.lu
Thu Jun 15 12:38:41 CEST 2006
Hi,
> > this is again an example where a RadSec extension would come in extremely
> > handy. Short wrapup: RadSec establishes connections via TCP and TLS and
> > transports the RADIUS payload over it, so clients can be identified by
> > their TLS certificate; IPs and shred secrets become obsolete.
>
> This is *extremely* useful, and solves a lot of deployment problems.
>
> > I am working on a formal specification of RadSec right now, of which
> > I hope it will somehow find a way into the Informational RFC
> > track. There is a lot more potential in it than the OSC Whitepaper
> > suggests.
>
> I'm available to work on it too, if you need help.
Well, I wanted to get started in the next days. I thought of providing a rough
draft, based on OSCs whitepaper, and share that with you and OSC. It will
also go through a review on a (public) Task Force, the TERENA Task Force
"Mobility", creator of a worldwide roaming service for the education and
research community:
http://www.terena.nl/activities/index.php?action=set_filters&filters[topic_id]=2
Later on, it is hopefully good enough to be considered as worthy of getting an
(informational?) RFC number at the IETF.
Greetings,
Stefan Winter
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060615/df498a65/attachment.pgp>
More information about the Freeradius-Users
mailing list