[EXT] TLS 1.3
Alan DeKok
aland at deployingradius.com
Mon May 31 14:08:35 CEST 2021
On May 31, 2021, at 7:54 AM, HERCEK, Marián <marian.hercek at ucm.sk> wrote:
> 1) it's very unlikely Android 4.4 supports TLS 1.3
For HTTPS. Not for EAP.
I *do* have some slight understanding of what's going on. What I find frustrating is people asking questions, and then arguing with the answers.
> 2) recv TLS 1.3 Handshake, ClientHello - does it belong to client (Android 4.4) or NAS (e.g. WiFi AP)?
The WiFi AP doesn't do EAP. So....
> 3) you mean I have to configure just tls_max_version and not tls_min_version?
Yes.
3.0.22 comes with the following defaults:
tls_min_version = "1.2"
tls_max_version = "1.2"
Use that.
Alan DeKok.
More information about the Freeradius-Users
mailing list