Hi, > I understand your view here and I don't disagree. My point is to firstly see > which of them > are being used in practice and then try to identify why. In certain instances > some of them > are more convenient/secure/etc than others, but when you know their > popularity you can > start thinking of other questions such as why would you need to configure > both PEAP and > EAP-TTLS for example. If providers are doing so there must be a reason and > this is what I > wanted to see.
answers 1) the usage figures are known by sites who tell - they always show PEAP being the most favoured 2) backend authentication method 3) PEAP is most convenient... with correct deployment they are all as secure as each other 4) because you can. we support PEAP/EAP-TTLS/EAP-TLS/EAP-PWD because our authentication system works with them all and it means that we can offer the widest range of authentication methods to clients - especially of interest to the mobile space where , for example, Apple could suddenly decide not to support PEAP anymore.... we've got EAP-TTLS there. > >From another point of view, I keep reading about "x being the most widely > >deployed" or "z > being the most commonly used" but no one backs up their claim. That's why I > thought to > ask... there is knowledge and a very large historical tract of 802.1X space. > the requirements of the scenario. I more wanted to see what do providers > eventually > support and what prevails in the real world (vs theory). ..and what would happen if the only vocal people who provided you with data were all using EAP-TLS or EAP-FAST, you would get a very distorted view of whats going on in the real world. that is the problem with such surveys or questions... alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
