Talk:Protected Extensible Authentication Protocol

From Wikipedia, the free encyclopedia

This article needs to be examined because it 'borrows' text from George Ou's article. There are some anti-Cisco statements in that article, which have been noted below.

I'm not a Cisco apologist, but in the name of objectivity, shouldn't this line be modified:

"As a result, most Cisco customers run the less secure and proprietary LEAP or EAP-FAST authentication protocols because they’ve swallowed the Cisco Kool-Aid."

Perhaps

"As a result, most Cisco customers run Cisco's proprietary LEAP or EAP-FAST authentication protocols due to their promotion by Cisco."

would be more appropriate?


No it should not be edited because it is 100% correct. LEAP and EAP-FAST are both less secure. In fact LEAP is so badly broken, even Cisco recommends not using it.


I think this sentence is misleading: PEAP-EAP-TLS is very similar in operation to the original EAP-TLS but provides slightly more protection due to the fact that portions of the client certificate that are unencrypted in EAP-TLS are encrypted in PEAP-EAP-TLS.

Realistically the effective strength of PEAP-EAP-TLS is no more than EAP-TLS. In both cases it is equal to the strength offered by TLS (which offers known key exchange protocols which are designed for "secure exchange" of keys on an "insecure" channel)


Removed link:

As it no longer works. Jimlaflin 16:16, 23 September 2006 (UTC)