AES encrypted passwords

freeradius-users at freeradius-users at
Fri Sep 30 16:10:06 CEST 2016

On 30/09/16 14:47, Alan DeKok wrote:
> Your response complaining about security professionals concentrating
> on the wrong thing is *entirely* inappropriate.

I think my point about sometimes things being Good Enough is valid.

Thanks to some helpful replies it is now abundantly clear that not
verifying the certificate is not Good Enough.

> I'll say it again: Amateurs SHOULD NOT be designing security systems.
> You, and your managers, and the marketing people, are security
> amateurs.

I didn't design this.

> Listen to the experts, or ignore their advice.  It's up to you.  But
> do *not* respond by belittling the experts.

I am sorry if you felt that I was belittling the experts.  Or that I
was arguing.

> Honestly, I have no idea what the heck is going through peoples minds
> when they ask questions, and thenargue with the answers.  It's

/s/argue with the answers/seek further clarification/

> Stop it.

I think I'm out of here for now.

More information about the Freeradius-Users mailing list