TLS certificates authorities.
Stefan Winter
stefan.winter at restena.lu
Fri Sep 9 12:34:22 CEST 2016
Hello,
> This is clear for me. Are there are any EAP flavor that uses strong hash
> and can handle SSID spoofing well?
EAP-TLS brings all the security you ever want with its use of client
certificates. It also brings all the complexities of cert management you
do not want though.
EAP-pwd is password-based but the passwords never travel over the wire.
probably this is what you want. It's comparatively "brand new" though,
and you need to pay some attention if your envisaged client devices all
support it.
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160909/f653db5d/attachment.sig>
More information about the Freeradius-Users
mailing list