Alan DeKok writes: > > Uh, right. Why were you arguing about something you didn't > understand? It would have been politer for you to ask HOW it works, > rather than claiming it's wrong and insecure, and then back-pedalling > when your confusion was corrected.
Well I don't think I ever said anything was wrong and my first question was "why?" I don't know how I could have been more polite. The only objections I wrote were philosophical ones that didn't deal with the specifics of the RADIUS protocol but with general authentication vs. authorization sequences. I thought they were discussions of straw-man scenarios and not arguments. So I think you're wrong about the tone of what I wrote, but quite right that I probably could have read RFC 2865 and gotten the answer. Vic - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
