Re: Certificate-based client side authentication towards a website with freeradius

2009-07-10 Thread Jay Xiong
Martin, You are correct that you need a modified TLS library, EAP module and GUI for configuration of EAP parameters integrated with each client. It is quite feasible with Firefox. The modified library and EAP module (library) can be made as a patch to Firefox; Microsoft IE is another story. Thanks, J

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-09 Thread Martin Schneider
Hello Jay

> The Internet Draft addresses what you described in web client/Apache
> server and mail client and mail server applications. The TLS-EAP
> extension is leveraging existing user credential and profile in AAA
> server. In addition, you have flexibility to choose different
> authentication

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-08 Thread Jay Xiong
Martin, The Internet Draft addresses what you described in web client/Apache server and mail client and mail server applications. The TLS-EAP extension is leveraging existing user credential and profile in AAA server. In addition, you have flexibility to choose different authentication method using

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-02 Thread Martin Schneider
Hello Jay

> If you want to leverage the existing user profiles in the RADIUS
> server for authentication, authorization, this Internet Draft TLS-EAP
> Extension http://tools.ietf.org/html/draft-nir-tls-eap-06 might be
> what you are looking for. Unfortunately, there is no implementation up
> to da

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Jay Xiong
Martin, If you want to leverage the existing user profiles in the RADIUS server for authentication, authorization, this Internet Draft TLS-EAP Extension http://tools.ietf.org/html/draft-nir-tls-eap-06 might be what you are looking for. Unfortunately, there is no implementation up to date as far as

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Alan DeKok
Martin Schneider wrote:
> We need also authorization. So we want to
>
> 1.) check if the certificate is signed by a "trusted ca"

That is done by the normal certificate validation process.

> 2.) check if the username x in the certificate is "known"

What does that mean? If the CA signed the c

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Martin Schneider
I think I need to clarify my question a little:

>> we're trying to set up a freeradius / apache installation that allows
>> us to authenticate and authorize users with *certificates* towards a
>> website.

We want to have *multiple* services, not only just one service. If we would only have one ser

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Martin Schneider
Hi Ivan

> Why use radius to check certificates when Apache can do it?
>
> http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html

Thanks for this reply. We need also authorization. So we want to

1.) check if the certificate is signed by a "trusted ca"
2.) check if the username x in the certificate

Re: Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Ivan Kalik
> we're trying to set up a freeradius / apache installation that allows
> us to authenticate and authorize users with *certificates* towards a
> website.
>
> Is there a good tutorial out there somewhere? We did only find
> partial information that seems to be quite old unfortunately. Or could
> som

Certificate-based client side authentication towards a website with freeradius

2009-07-01 Thread Martin Schneider
Hello all, we're trying to set up a freeradius / apache installation that allows us to authenticate and authorize users with *certificates* towards a website. Is there a good tutorial out there somewhere? We did only find partial information that seems to be quite old unfortunately. Or could some