[RADIATOR] Apple iOS 9 and OS X El Capitan
Nick Lowe
nick.lowe at lugatech.com
Sun Jul 26 06:55:45 CDT 2015
The supplicant in Windows 7 and newer support TLS 1.2 for the
TLS-based EAP types offered such as EAP-PEAP if the machine is fully
patched via Windows Update.
TLS 1.1 and 1.2 are disabled by default but can be enabled for you to test with.
See the second More Information section of:
https://support.microsoft.com/en-us/kb/2977292
The configuration of the TlsVersion DWORD in the registry is actually
more granular than the KB article lets on as you actually get control
of both the client and server version behaviour, it is not lumped
together.
The values map to the SP_PROT flags defined in schannel.h, documented
online as part of the SCHANNEL_CRED structure under
grbitEnabledProtocols.
http://msdn.microsoft.com/en-gb/library/windows/desktop/aa379810.aspx
SP_PROT_TLS1_SERVER
0x00000040
SP_PROT_TLS1_CLIENT
0x00000080
SP_PROT_TLS1_1_SERVER
0x00000100
SP_PROT_TLS1_1_CLIENT
0x00000200
SP_PROT_TLS1_2_SERVER
0x00000400
SP_PROT_TLS1_2_CLIENT
0x00000800
Regards,
Nick
More information about the radiator
mailing list