RE: RE: [Isms] RADIUS is not a trusted third party
From: Bernard Aboba (abobainternaut.com)
Date: Mon, 25 Apr 2005 22:01:36 -0400 (EDT)
Martin Soukup said:

> The use of RADIUS itself without a defined extension such as EAP-TLS
> or EAP-PEAP over RADIUS cannot securely pass attributes between
> entities. Note that the defined EAP-TLS (or other EAP mechanisms)
> over RADIUS provides for secure attribute passing between entities
> even through proxies.

In response to which, Glen Zorn spake thusly:

> I thought that I was passing familiar w/EAP-TLS (and even more so
> w/PEAP), but I am completely unaware of such capabilities.  Would
> you mind explaining how this is achieved, given that RADIUS & EAP
> are completely different protocols?

I also was unaware of the ability of EAP-TLS to transmit RADIUS attributes
between the EAP peer and server.  I had always thought RADIUS was a
protocol only spoken between a NAS and a RADIUS server, and that EAP-TLS
didn't support transmission of TLVs.  But I guess this is a somewhat
old-fashioned point of view.

Perhaps this is referring to EAP-TLS "extended" via the following?
http://www.ietf.org/internet-drafts/draft-funk-tls-inner-application-extension-01.txt


