[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Crypto-agility work item
You are right about that free radius dictionaries.
FWIW there are many more then the list you have posted.
> -----Original Message-----
> From: owner-radiusext@ops.ietf.org
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Alan DeKok
> Sent: Friday, February 24, 2006 6:47 PM
> To: Nelson, David
> Cc: radiusext@ops.ietf.org
> Subject: Re: Crypto-agility work item
>
> ...
> > Are there others I've overlooked?
>
> $ grep encrypt= freeradius/share/dictionary* | sed ....
>
> User-Password 2 string encrypt=1
> Tunnel-Password 69 string
> has_tag,encrypt=2
> MS-CHAP-MPPE-Keys 12 octets encrypt=1
> MS-MPPE-Send-Key 16 octets encrypt=2
> MS-MPPE-Recv-Key 17 octets encrypt=2
>
> Message-Authenticator doesn't need any flags in the
> implementation, so it isn't listed here. The 'encrypt=1'
> means "like User-Password",
> 2 means "like Tunnel-Password", and (below) 3 means "like
> Ascend-Send-Secret".
>
> We also have encrypted VSA's.
>
> 3GPP2-MN-HA-Shared-Key 58 string encrypt=2
> Ascend-Send-Secret 214 string encrypt=3
> Ascend-Receive-Secret 215 string encrypt=3
> X-Ascend-Send-Secret 214 string encrypt=3
> X-Ascend-Receive-Secret 215 string encrypt=3
> ERX-LI-Action 58 integer encrypt=2
> ERX-Med-Dev-Handle 59 octets encrypt=2
> ERX-Med-Ip-Address 60 ipaddr encrypt=2
> ERX-Med-Port-Number 61 integer encrypt=2
> Lucent-Send-Secret 214 string encrypt=3
> Lucent-Receive-Secret 215 string encrypt=3
>
> It looks like that's it. The FreeRADIUS dictionaries
> aren't authoritative, but they do have a large number of
> vendor dictionaries.
>
> Alan DeKok.
>
> --
> to unsubscribe send a message to
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>