8 Jul
1996
8 Jul
'96
7:17 p.m.
Date: Mon, 8 Jul 1996 13:30:28 -0700 (PDT) From: Michael Dillon <michael@memra.com>
On Mon, 8 Jul 1996, Barry James wrote:
So, the only "secrets" that are shared are the md5 digest keys used between the RADIUS server and TS.
Not quite. The user must "share" their password with the first RADIUS client in order for it to be encrypted via MD5 in the first place. There is a hole here. But there is a solution as well.
Not true with CHAP. Nothing knows the user's secret but the user and the eventual auth server. Barney Wolff <barney@databus.com>