Re: [RADIATOR] Radiator + libtnc + tpm platform authentication IMC

[Florian Kabus]

Am 12.07.2013 11:28, schrieb Heikki Vatiainen:
 this sounds like a normal EAP-TLS setup from the RADIUS/EAP server's
 perspective. Please see goodies/eap_tls.cfg for EAP-TLS examples. I do
 not think it matters to the servers side whether the private key is
 stored in a TPM chip or in a file.

Hello,

thanks for the reply. That´s right. As far is I know Radiator should 
support EAP-TNC inside a TTLS-Tunnel. So the servers side should be fine 
(not tested yet!).

More of a problem is the _Windows_ client side implementation with 
apropriate libraries like a TNC-compatible Supplicant, apropriate TSS 
and in particular an IMC to check platform identity.

I just asking if there are possibly any experiences here with libtnc and 
an implementation like that, because I´m a little bit lost.

Thanks,
Flo
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

[RADIATOR] Radiator + libtnc + tpm platform authentication IMC

[Florian Kabus]

Hello,

I know this is maybe not the right place to ask, but as my last hope:

Are there any experiences, resources, hints regarding implementation of 
an TPM platform authentication on windows clients in conjunction with 
radiator?

classic scenario:
We would like to authenticate Win 7 endpoints with certificates stored 
on the TPM and thus based on the identity deny or permit access to the 
enterprise network.

Regards,

Florian Kabus
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator