cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Ruben Vestergaard <rubenv AT drcmr.dk>
- To: cat-users AT lists.geant.org
- Subject: [[cat-users]] Certificate validation
- Date: Fri, 19 Jan 2018 14:04:26 +0100
Greetings! New here, been trawling the archive, but please forgive if I miss something obvious :)
From the FAQ:
(?) I can connect to eduroam simply by providing username and
password, what is the point of using an installer?
(!) When you are connecting from an unconfigured device your
security is at risk. The very point of preconfiguration is to set up
security, when this is done, your device will first confirm that it
talks to the correct authentication server and will never send your
password to an untrusted one.
The very point of TLS is to verify that you're talking to the correct server in the first place (okay, encryption, however) - why doesn't my O/S flat out reject the connection if the certificate is unverifiable?
Why does PEAP even bother with TLS if it isn't going to use it?
Cheers,
Ruben Vestergaard
- [[cat-users]] Certificate validation, Ruben Vestergaard, 01/19/2018
- Re: [[cat-users]] Certificate validation, Jørn Åne, 01/22/2018
- Re: [[cat-users]] Certificate validation, Ruben Vestergaard, 01/22/2018
- Re: [[cat-users]] Certificate validation, Jørn Åne, 01/22/2018
- Re: [[cat-users]] Certificate validation, Ruben Vestergaard, 01/22/2018
- Re: [[cat-users]] Certificate validation, Jørn Åne, 01/22/2018
- Re: [[cat-users]] Certificate validation, Ruben Vestergaard, 01/22/2018
- Re: [[cat-users]] Certificate validation, Jørn Åne, 01/22/2018
Archive powered by MHonArc 2.6.19.