Questions about EAP-TLS

Alan DeKok aland at deployingradius.com
Thu Oct 8 21:40:33 CEST 2020


On Oct 8, 2020, at 3:34 PM, mramadany <mramadany1 at gmail.com> wrote:
> Sorry then, I thought that this question was relevant here.

  Questions about FreeRADIUS, yes.  But questions about "how does EAP-TLS work" are not FreeRADIUS.  They're common standards, documented in many places.

>> If you want to know "what happens when something goes wrong", or "what happens if...", then it's all answered in the RFCs.
> 
> Yep, that's what I was trying to figure out since I was worried that a malicious server could take over the connection once the client verifies the server (since as you mentioned, there are no tunnels involved).

  It's TLS.  Just like HTTPS.  So the answer is "no".

> Anyway, thank you for providing the numbers of the relevant RFCs, I will make sure to give them a read. 

  There are many, many of them.  :(

  Alan DeKok.




More information about the Freeradius-Users mailing list