[5060] in bugtraq
Re: Shared Secret Recovery in RADIUS
daemon@ATHENA.MIT.EDU (Thomas H. Ptacek)
Thu Jul 31 12:46:41 1997
Date: Wed, 30 Jul 1997 19:04:44 -0500
Reply-To: tqbf@enteract.com
From: "Thomas H. Ptacek" <tqbf@ENTERACT.COM>
X-To: Riku Meskanen <mesrik@cc.jyu.fi>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SOL.3.96.970730211200.4366C-100000@kanto.cc.jyu.fi> from
"Riku Meskanen" at Jul 30, 97 10:00:17 pm
> Some work seems to be done by Dale Cook <cdm@hyperk.com> of SCIENTECH to
> solve these issues, see
The work you're referring to involves forwarding requests between RADIUS
servers using public key encryption. It's definitely an antidote for the
problem of naieve implementations forwarding raw, insecure RADIUS protocol
messages across the Internet, but doesn't resolve the problem at the
NAS->AAAS level.
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"
