-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thibault Le Meur wrote: > EAP-TTLS requires only a server-side cert. The client-side authentication is > performed through an inner TLS tunnel and is usually PAP (but can be any EAP > method). >
Several 801.1x/WPA clients can elect _not_ to verify the server's certificate with EAP-TTLS and EAP-PEAP. This allows Man-in-the-middle attacks. - -- ============== +----------------------------------------------+ Martin Gadbois | "Windows might take you from 0 to 60 faster, | S/W Developer | but to go to 100 you need Unix." | Colubris Networks Inc. +----------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFcHE79Y3/iTTCEDkRAmcaAJ4zhaOrgU2eJu+DYjxJ1LeeLj4LRgCgrHfg znf7AG/N0tZsXjiKtEM/XZ4= =Lm4S -----END PGP SIGNATURE----- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
