mutual certificate authentication combined with 2nd factor inner authentication
Essen, Hartwig von
Hartwig.vonEssen at airbus.com
Wed Dec 2 10:02:59 CET 2009
Due to a limitation also described in 2006 by Matt Brown
http://www.mattb.net.nz/blog/2006/09/22/requiring-client-certificates-fo
r-eap-ttls-with-freeradius/
we are not able to use
- mutual certificate authentication between the server and the client in
EAP-TTLS
- in combination with a second factor using inner authentication eg.
EAP-OTP/MSCHAP etc...
According to a suggestion by Matt Brown (link above) a slight change
would correct this.
Was this suggestion ever communicated to the freeradius project ?
We also plan to use the described combination and would prefer, when
that slight change could be integrated rather than doing a patch.
Hartwig ve
More information about the Freeradius-Users
mailing list