[prev in list] [next in list] [prev in thread] [next in thread]
List: hostap
Subject: Re: How to force TLS 1.0 for wpa_supplicant - EAP
From: Jouni Malinen <j () w1 ! fi>
Date: 2009-08-28 18:33:42
Message-ID: 20090828183342.GH27813 () jm ! kir ! nu
[Download RAW message or body]
On Tue, Jul 21, 2009 at 08:40:02AM -0500, Michael Kurecka wrote:
> I'm setting up wpa_supplicant for use as EAP w/ PEAP/MSCHAPv2 and need
> to ensure that at a minimum TLS 1.0 is used rather than SSL 3.0 or
> less. What do I need to change to ensure that and how do I force the
> peap version to be 2 (Is it just phase1="peapver=2")?
You do not need to change anything. EAP-TLS (and PEAP/TTLS/FAST for that
matter) already require TLS 1.0 (or newer). SSL 3.0 won't be used.
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
HostAP mailing list
HostAP@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic