Tom Lane wrote:
> Hm ... seems to me that is a network security problem, not our problem.
> Who's to say one of the spoofed packets won't pass verification?
The packets are signed with a shared key. Passing verification means
either the attacker knows the key, or the attacker has broken MD5 in
ways that are currently unknown.
> If you want to change it, I won't stand in the way, but I have real
> doubts about both the credibility of this threat and the usefulness
> of the proposed fix.
The credibility of the threat is high. Anyone can trivially send a
packet which will cause authentication to fail. This is a DoS attack.
The usefulness of the fix is to mitigate the threat, and the implement
the security features mandated by RFC 2865. It's also how *all* RADIUS
implementations work.
Alan DeKok.