|
> As I mentioned in the meeting, this is making a rather huge assumption about > deployment issues over which the IETF has no control; in addition, the > experience WRT Diameter security deployment is not especially encouraging. My understanding is that many Diameter deployments use no security at all, making them much *less* secure than RADIUS. And these deployments are with NASes that are considerably more expensive than a mass market access point. I'm not sure whether the issue is operational (too hard to configure) or with the implementation. But something, somewhere, appears to have gone very wrong. |