cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: David Andrus <david_andrus AT byu.edu>
- To: Alberto Martínez <alberto_martinez AT deusto.es>
- Cc: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Subject: RE: [[cat-users]] CAT profile installer vs manual config
- Date: Fri, 7 Sep 2018 16:53:16 +0000
- Accept-language: en-US
- Authentication-results: prod-mail.geant.net (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=byu.edu
“The Android profile is in fact the most important one, just for the fact that no one seems to care about the "Do not validate" thingie. Not even a "Network Product Manager".”
I never said I don’t care. Just that I find it annoying that a consumer-oriented mobile operating system makes this such a difficult process compared to every other O/S out there. This isn’t one rarely used Linux distro. It’s common to every Android device out there. Apple and Microsoft only present a username/password prompt – why does Android ask for EAP type, Phase 2 auth, etc? I’d actually really like to know the reason for this if anyone knows the answer.
I was also offering MY reasons why I like the installer and what I see as a problem. My primary role in our organization is improving network functionality and usability for nearly 40,000 daily users with over 100,000 devices – I look at things from the perspective of non-technical faculty, staff, students and visitors and that was the spirit of my response. Others have responded with deeper technical answers and I’ve found them to be quite informative.
-- David Andrus Network Product Manager Brigham Young University O: (801)422-0969 C: (385)312-7414
From: Alberto Martínez <alberto_martinez AT deusto.es>
Hi,
El vie., 7 sept. 2018 a las 4:14, David Andrus (<david_andrus AT byu.edu>) escribió:
Not to mention connection security enforcement provided by the installer and just not there if configured manually.
Well, Apple pins the first server certificate they see. No problem with that except:
The Android profile is in fact the most important one, just for the fact that no one seems to care about the "Do not validate" thingie. Not even a "Network Product Manager".
You could let your users use unqualified usernames or no anonymous qualified usernames, but then their eduroam WiFi profile won't work outside your institution. How can other institutions know where to send the auth request? What is the point of using eduroam then?
Cheers, Alberto
|
- [[cat-users]] CAT profile installer vs manual config, IAM David Bantz, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Philippe Hanset, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, David Andrus, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Felix Windt, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, IAM David Bantz, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Alberto Martínez, 09/07/2018
- RE: [[cat-users]] CAT profile installer vs manual config, David Andrus, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, IAM David Bantz, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Felix Windt, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, David Andrus, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Tony Skalski, 09/07/2018
- Re: [[cat-users]] CAT profile installer vs manual config, Philippe Hanset, 09/07/2018
Archive powered by MHonArc 2.6.19.