What is more secure: EAP-PEAP, EAP-TLS or EAP-TTLS?

Nik Mitev nik.mitev at jisc.ac.uk
Tue Aug 21 10:02:52 CEST 2018

On 21/08/18 08:01, Denis Mirassou (UT3/DSI) wrote:
> If your concern is about to authenticate devices (smartphones) and not
> users for sure (think of stolen phones), Client certificates should do
> the job.

If the private key for the client certificate is encrypted and requires
a password, you can authenticate the user too and not just the device.
That said, most of the time wifi passwords are stored in the phone and
not required to connect.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20180821/11e795d6/attachment.sig>

More information about the Freeradius-Users mailing list