>The basic idea is to run TLS inside EAP and then EAP again within the >TLS session. Thus it is fairly similar to EAP-TTLS and seems to give >about the same advantages (support for legacy authentication methods, >protection of the identity, etc.). > >The ID you reference (-05 is the latest version) should be sufficient to >implement it.
Is http://www.ietf.org/internet-drafts/draft-kamath-pppext-peapv0-00.txt the latest draft for PEAP? what would be the suggested starting place to add the code: under src/modules/rlm_eap or create a new directory src/modules/rlm_peap? > >> it probably gives mutual out and key >> negotiation > >Yes. > >> [2] >> http://www.globecom.net/ietf/draft/draft-josefsson-pppext-eap-tls-eap-02.html -Paul http://www.ietf.org/internet-drafts/draft-kamath-pppext-peapv0-00.txt - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
