(RADIATOR) RadSec RADIUS packet with TLS secret
Mike McCauley
mikem at open.com.au
Tue Jul 5 20:06:34 CDT 2005
Hello Kiran,
We do not currently have a way to set the shared secret from the TLS
parameters. I think it would be acceptable to use a common or empty
secret, since the entire conversation will be encrypted by TLS anyway.
Cheers.
On Wed, 2005-07-06 at 07:41 +0900, Hugh Irvine wrote:
> Hello Kiran -
>
> Thanks for your mail.
>
> I have copied this reply to Mike who will need to discuss your
> requirements with you.
>
> Mike is away for a couple of days, so he may not get back to you
> until later in the week.
>
> regards
>
> Hugh
>
>
> On 5 Jul 2005, at 21:58, gullapalli wrote:
>
> > hi all,
> >
> > According to white paper on RadSec I found that once TLS tunnel is
> > formed
> > between two RADIUS servers, RADIUS packet request authenticator is
> > calculated with help of shared secret between two RADIUS server,
> > but in an
> > application which we are planning to build there is no shared secret
> > between two RADIUS servers but having a certificate issued by same
> > CA. Is
> > it possible to calculate RAIDUS request authenticator with the help of
> > dynamic secret formed between both servers while TLS handshaking?
> > If so what are the problems we can face with that? Your suggestions
> > are
> > welcomed.
> > Thanx
> > Kiran kumar gullapalli
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
>
>
> NB: I am travelling this week, so there may be delays in our
> correspondence.
>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list