Statistics on EAP methods widely used
Panagiotis Georgopoulos
panos at comp.lancs.ac.uk
Tue Nov 20 23:24:44 CET 2012
Hello Alan,
Thanks for your reply,
> > I understand your view here and I don't disagree. My point is to
> > firstly see which of them are being used in practice and then try to
> > identify why. In certain instances some of them are more
> > convenient/secure/etc than others, but when you know their popularity
> > you can start thinking of other questions such as why would you need
> > to configure both PEAP and EAP-TTLS for example. If providers are doing
so
> > there must be a reason and this is what I wanted to see.
>
> answers
>
> 1) the usage figures are known by sites who tell - they always show PEAP
being
> the most favoured
I didn't know that, and some articles I read didn't favour PEAP that much.
Good to learn.
>
> 2) backend authentication method
>
> 3) PEAP is most convenient... with correct deployment they are all as
secure
> as each other
I would imagine that from the backend's perspective deploying PEAP and
EAP-TTLS is similar right? When you mention here convenient you mean in
terms of the clients that support it out of the box?
>
> 4) because you can. we support PEAP/EAP-TTLS/EAP-TLS/EAP-PWD because our
> authentication system works with them all and it means that we can offer
the
> widest range of authentication methods to clients - especially of interest
to
> the mobile space where , for example, Apple could suddenly decide not to
> support PEAP anymore.... we've got EAP-TTLS there.
>
So being more inclusive and supporting more devices out of the box is a
reason for supporting more than one EAP method on the server.
is knowledge and a very large historical tract of 802.1X space.
> > the requirements of the scenario. I more wanted to see what do
> > providers eventually support and what prevails in the real world (vs
> theory).
>
> ..and what would happen if the only vocal people who provided you with
data
> were all using EAP-TLS or EAP-FAST, you would get a very distorted view of
> whats going on in the real world. that is the problem with such surveys or
> questions...
>
Nothing would happen! I asked to see if people have pointers or would be
willing to share their stats/numbers as there is nothing as such online.
Thanks for your reply,
Panos
More information about the Freeradius-Users
mailing list