I'm new to the Radius protocol, just having finished implementing a module for access to a private authentication service.
During development one thing struck me as odd: authorization checks are done before the entity being authorized is authenticated. It's been my experience that before an entity is authorized it should be asked to prove itself via authentication. Why does the Radius protocol reverse the order of authentication and authorization? Vic Abell <[EMAIL PROTECTED]> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
