more EAP/TTLS trouble

Alan DeKok aland at
Wed May 30 15:55:19 CEST 2012

Steve Hopps wrote:
> The reasons you stated are why I think this is near impossible. Our
> passwords are stored with md5... I'm not fond of the idea that in
> order to get this to work, we have to compromise our security policy.

  Life is a series of compromises.  Deal with it.

> As for the Windows salesman, leaving out features from one OS to sell
> a newer OS is one of the reasons I cannot stand your company.

  I'll take that as "adding more features in newer releases".

  Windows 8 is the first version which supports TTLS.  While this should
arguably have been done years ago, it's nice to have it now.

  And if you're arguing against upgrades, you can do the same for
FreeRADIUS.  Version 3.0 will support RadSec (RADIUS over SSL).  Version
2.x will not.  Ever.

> That
> said, Windows 7 is great in my opinion, like Windows XP. If you really
> care, put pressure on your higher ups to extend the functionality to
> support things like EAP/TTLS and PAP. I'm sure there's other
> deficiencies.. How is it right to sell "ultimate" versions of an OS
> for $150-200 when they dont even support as many features as a free,
> open source system?

  They have different priorities.

  FreeRADIUS is about making software that works.

  Microsoft is about money.

  Guess which one works well, and which one has more money?

  Alan DeKok.

More information about the Freeradius-Users mailing list