[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Isms] RE: Follow up on Authorize Only issue

To: isms@ietf.org, radiusext@ops.ietf.org
Subject: RE: [Isms] RE: Follow up on Authorize Only issue
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
Date: Tue, 25 Jul 2006 13:50:10 -0700
Bcc:
In-reply-to: <4C0FAAC489C8B74F96BEAD85EAEB262502597D2A@xmb-sjc-215.amer.cisco.com>

What's actually silly is talking about untrusted NASen at all: if a RADIUSclient that has a valid >shared secret has been compromised, life is prettymuch over anyway.


There is still the 'cascading vulnerabilty' problem.

That is, compromise of a single NAS should not imply compromise of otherservices, NASes or users.




--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- RE: [Isms] RE: Follow up on Authorize Only issue
  - From: "Glen Zorn \(gwz\)" <gwz@cisco.com>

Prev by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Next by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Previous by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Next by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Index(es):
- Date
- Thread