>> Radius is generally used for 802.1x authentications, which does not >> seem to be relevant in any way to authentication for a web service. > > You see chance, I see cause .... > a Lightweight Kerberos... a small tilt in the tale .. will bring the light. > Jan 1, 2011 lets hope the day will bring your mail in your 'box' only.
http://en.wikipedia.org/wiki/RADIUS#Security_2 The way I understand things is that RADIUS does not offer encryption (for payload or bulk of data). That's where this conversation started from (http/https). It is used for authorization (in our context). That means validating whether the given username/password are correct or not. RADIUS can be (is?) used for authenticating and accounting say for users who connect to a wireless service. Again, it does not manage encryption of the traffic afterwards. As Nitesh suggested earlier, TLS might be better supported for what you want -- I don't know anything about TLS but I am guessing what Nitesh meant was that in TLS, both server and client negotiate which encryption standard they want to use (much like ssh). SB -- l...@iitd - http://tinyurl.com/ycueutm
