Jump to content

Talk:Protected Extensible Authentication Protocol

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 12.20.122.28 (talk) at 21:16, 21 June 2006. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

I'm not a Cisco apologist, but in the name of objectivity, shouldn't this line be modified:

"As a result, most Cisco customers run the less secure and proprietary LEAP or EAP-FAST authentication protocols because they’ve swallowed the Cisco Kool-Aid."

Perhaps

"As a result, most Cisco customers run Cisco's proprietary LEAP or EAP-FAST authentication protocols due to their promotion by Cisco."

would be more appropriate?


No it should not be edited because it is 100% correct. LEAP and EAP-FAST are both less secure. In fact LEAP is so badly broken, even Cisco recommends not using it.


I think this sentence is misleading: PEAP-EAP-TLS is very similar in operation to the original EAP-TLS but provides slightly more protection due to the fact that portions of the client certificate that are unencrypted in EAP-TLS are encrypted in PEAP-EAP-TLS.

Realistically the effective strength of PEAP-EAP-TLS is no more than EAP-TLS. In both cases it is equal to the strength offered by TLS (which offers known key exchange protocols which are designed for "secure exchange" of keys on an "insecure" channel)

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Protected_Extensible_Authentication_Protocol&oldid=59882127"