On 06/06/2012 07:17 PM, David Heinz wrote: > I was wondering if the following "issue" also occurs in the Radiator code. > > https://bitcointalk.org/index.php?topic=85648.msg943612 > > I've looked at the code, and I see if it doesn't decrypt properly then > there is obviously a reject. This is then followed by a REJECT if the > CRC is not ok. However, I see no method to verify the "secret id" as > mentioned in the post. Is radiator using the same method for Yubikey > authentication as the Yubico systems then? > > Thanks for any info you can give. I need to make sure I understand this > so I can talk to our Information Security team.
Thanks for letting us know of this issue. I heard this will be looked at soon, so expect an update in the near future. Thanks again! Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator