Hello Jay > If you want to leverage the existing user profiles in the RADIUS > server for authentication, authorization, this Internet Draft TLS-EAP > Extension http://tools.ietf.org/html/draft-nir-tls-eap-06 might be > what you are looking for. Unfortunately, there is no implementation up > to date as far as I know. > > I am designing and developing the software for this Internet draft > based on OpenSSL, EAP module from wpa-supplicant and freeradius > client. Please let me know any special requirements if you are > interested in using TLS-EAP Extension.
I read the draft you mentioned above and I'm not 100% sure if I understood it correctly. So basically spoken the authentication/authorization becomes more of less independant from the application using this software/draft. There's an authentication/authorization infrastructure besides client and service that is generic and can be used for *different* services. So, e.g. I can use it for authentication/authorization for a webbrowser towards apache, for a mailclient towards the mailservice etc. If it is like that, this sounds pretty amazing and would give us exactely what we need. Best regards! M - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
