more EAP/TTLS trouble

Steve Hopps steve.hopps at
Wed May 30 16:13:53 CEST 2012

It's a frustrating situation because if Windows were to support all of
the encryption features that their competition does, indeed, that my
_phone_ supports, I would not need to compromise. I personally believe
a company can deliver a top product without sacrificing their profit
margin. Microsoft falls short of this, and here we have a perfect
example of precisely how. I also think their tiered version method
they introduced with Vista is dishonest, as a result of this. But
we're getting off track.

It's too bad the XSupplicant project is not yet to the point of
stability with Windows 7 64-Bit. I haven't had an opportunity to test
it with 32-Bit yet, I imagine it works okay with Windows XP, but many
of our employees are using Windows 7 on newer laptops. If that app
worked, this wouldn't be a problem. If you ask me, that is the nature
of the beast when it comes to computers. It'll work in a month, or a
year, or several years, but for now we just beat our heads against the

In quick response to Stefan, I'm not associated with eduroam, however,
I have found the eduroam instructions to be very helpful in getting
this working as far as I have. In particular, the iphone support. So
thanks for that. :)

On Wed, May 30, 2012 at 8:55 AM, Alan DeKok <aland at> wrote:
> Steve Hopps wrote:
>> The reasons you stated are why I think this is near impossible. Our
>> passwords are stored with md5... I'm not fond of the idea that in
>> order to get this to work, we have to compromise our security policy.
>  Life is a series of compromises.  Deal with it.
>> As for the Windows salesman, leaving out features from one OS to sell
>> a newer OS is one of the reasons I cannot stand your company.
>  I'll take that as "adding more features in newer releases".
>  Windows 8 is the first version which supports TTLS.  While this should
> arguably have been done years ago, it's nice to have it now.
>  And if you're arguing against upgrades, you can do the same for
> FreeRADIUS.  Version 3.0 will support RadSec (RADIUS over SSL).  Version
> 2.x will not.  Ever.
>> That
>> said, Windows 7 is great in my opinion, like Windows XP. If you really
>> care, put pressure on your higher ups to extend the functionality to
>> support things like EAP/TTLS and PAP. I'm sure there's other
>> deficiencies.. How is it right to sell "ultimate" versions of an OS
>> for $150-200 when they dont even support as many features as a free,
>> open source system?
>  They have different priorities.
>  FreeRADIUS is about making software that works.
>  Microsoft is about money.
>  Guess which one works well, and which one has more money?
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list