would there be any problem not using CONFIG_EAP_MD5 flag

Jouni Malinen j at w1.fi
Sun Feb 19 00:31:51 PST 2017


On Sat, Feb 18, 2017 at 07:23:23PM -0800, Lucas wrote:
> Supposedly EAP-MD5 has been deprecated in Vista, and I'm curious if
> there would be any real ramifications for dropping it from android's
> wpa_supplicant.

I'm not sure whether anyone uses Android with EAP-TTLS/EAP-MD5 or
EAP-PEAP/EAP-MD5, but if one does, dropping it from wpa_supplicant would
obviously break those uses. That said, it does not look like at least
the AOSP version of Android even has any UI mechanism for configuring
EAP-MD5 to be used as a Phase 2 method, so this may be even less likely
to cause any practical difference. Please note that it does not really
do much to remove it from the build configuration either, i.e., all that
does is save couple of bytes in the binary size since the implementation
itself would not be used if it is not enabled in runtime configuration.

The more common use case for EAP-MD5 is in wired Ethernet IEEE 802.1X.
I'm not sure whether anyone uses Android in such networks, but the same
consideration would apply there.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list