 jbibe Premium,MVM join:2001-02-22
| Windows/FreeRADIUS Default TLS Cipher Suite
About two years ago, Jason Cohen discussed the fact that the default TLS cipher suite suggested by a Windows XP station and accepted by FreeRADIUS during WPA and WPA2 authentication is:
TLS_RSA_WITH_RC4_128_MD5
In its default state, FreeRADIUS selects the first suite in the client list. Jason recommended changing the FreeRADIUS configuration to select a stronger cipher suite from the list. For more information, see:
»Questions about WPA2 and WPA
A quick test today verified that Windows XP with SP3 sends the same 11 cipher suites, in the same order, and that the FreeRADIUS server selects the first cipher suite, as before.
I also ran some tests using a Vista station. The first cipher suite in the Vista client list is:
TLS_RSA_WITH_AES_128_CBC_SHA
Again, FreeRADIUS selects the first suite. This cipher suite is a major improvement. |
|
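Added example (not part of the thread and not FreeRADIUS code): a small model of the selection behaviour described in the post above, comparing "take the first suite the client offers" with a server-side preference list. The sample ClientHello lists are constructed and shortened; only the first entry of each comes from the thread, and the server policy and all function names are assumptions.

```python
import struct

# IANA TLS cipher suite code points (subset relevant to this thread).
SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}

def parse_cipher_suites(vector):
    """Decode a ClientHello cipher_suites vector: 2-byte length, then 2-byte IDs."""
    if len(vector) < 2:
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from("!H", vector, 0)
    body = vector[2:]
    if length != len(body) or length % 2:
        raise ValueError("bad cipher_suites length")
    return list(struct.unpack(f"!{length // 2}H", body))

def select_client_order(client, server_supported):
    """Behaviour described in the post: first client suite the server supports."""
    return next((s for s in client if s in server_supported), None)

def select_server_order(client, server_preference):
    """Server-side preference: first suite in the server's list the client offers."""
    return next((s for s in server_preference if s in client), None)

def encode(ids):
    """Build a constructed cipher_suites vector from a list of suite IDs."""
    return struct.pack("!H", 2 * len(ids)) + struct.pack(f"!{len(ids)}H", *ids)

# Constructed samples: only the first entry of each list comes from the thread.
XP_HELLO = encode([0x0004, 0x0005, 0x000A, 0x0009, 0x0003])
VISTA_HELLO = encode([0x002F, 0x0035, 0x0005, 0x000A])
# Assumed server policy: AES first, then 3DES; RC4, DES and export suites excluded.
SERVER_PREFERENCE = [0x0035, 0x002F, 0x000A]
SERVER_SUPPORTED = set(SUITES)  # permissive server that accepts every known suite

def negotiate(hello):
    """Return (client-order result, server-order result) as suite names."""
    offered = parse_cipher_suites(hello)
    by_client = select_client_order(offered, SERVER_SUPPORTED)
    by_server = select_server_order(offered, SERVER_PREFERENCE)
    return SUITES.get(by_client, "none"), SUITES.get(by_server, "none")

if __name__ == "__main__":
    for name, hello in (("XP", XP_HELLO), ("Vista", VISTA_HELLO)):
        print(name, negotiate(hello))
```

With the constructed XP list, client-order selection lands on RC4/MD5 while the assumed server preference list moves the same client to 3DES/SHA without any client-side change.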
 docrice
join:2008-03-31 Fremont, CA | I haven't read through that thread you linked, but that's quite interesting and I never thought of this. Thanks for the info. Do you know if this is also the case with other AAAs such as IAS, ACS, or SBR? |
|
 jbibe Premium,MVM join:2001-02-22 | I don't know. |
|