hi, thankyou Alan for your responsible reporting of this issue, as anyone using FreeRADIUS with EAP-TLS etc will be using OpenSSL anyone on any platform with a weak key method needs to know this issue.
I note that various OpenSSL-using tools are being updated to detect such weak keys - eg OpenVPN on ubuntu - and if they detect them, they wont start (reporting a direct error about such keys) - will FreeRADIUS also adopt this policy? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
