EAP-TTLS/EAP-TLS with freeRADIUS

Alan DeKok aland at deployingradius.com
Mon Nov 28 08:26:08 CET 2011


Stefan Winter wrote:
> I think what Alan was trying to point out is that

  He's been unsubscribed from the list.

  It's OK to not understand RADIUS.  It's OK to ask questions.  It's OK
to ask for help.  That's what the list is for.

  It's *not* OK to say "I've only been doing RADIUS for 2 days", and
then to imply he's made a brilliant discovery that everyone else missed.

> it is easy to find
> answers to your basic questions without asking this mailing list. The
> security of RADIUS is incredibly well-documented, and not specific to
> FreeRADIUS. So if your problem is that you don't know whether or not a
> RADIUS shared secret is sent in clear text or not - and jump to false
> conclusions based on your *belief* how it *might* work (even if you are
> wrong in your assumptions) then that is typically called "noise" on a
> mailing list.

  It's a psychological issue common among certain people.  Because he
knows nothing about RADIUS, he has no basis for judging who is a RADIUS
expert, and who is a newbie.  Therefore, he thinks he (a newbie) is just
as much of an expert as people who've done it for 15 years.

  Normal people don't do that.

> Your thread contains lots of confusion, false assumptions and wrong
> conclusions. There is always a danger that that kind of "half-knowledge"
> spreads and leads to FUD. So to be abundantly clear:

  Exactly.  The reason to answer is for later people.  We don't want
anyone else to be confused and misled by his false statements.

  Alan DeKok.



More information about the Freeradius-Users mailing list