cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Tomasz Wolniewicz <twoln AT umk.pl>
- To: db AT alaska.edu, cat-users AT lists.geant.org
- Subject: Re: [[cat-users]] "manual" installation instructions
- Date: Mon, 5 Nov 2018 22:59:03 +0100
- Autocrypt: addr=twoln AT umk.pl; prefer-encrypt=mutual; keydata= xsBNBEvhYBEBCADIlSk8hnUtSfZ1hLbuqiUxTiBtm65lM6OlxjYnWEsH/boOsVS/WdFZebwK 53eg280UcX9VDjFjy5rimsknCvxabnxk13AF//t9mN9tq5MmIkIcRIpLrtqc8Q0s0E84cNzB bDMtRzAd7JUTmKyAnkKE9i2R9FJKzeR9TTeKtBdgXHtUKPHPGOdxUUv8UWKxsj9AYi2CgN98 jiWLx6lTIpaWegWxIyih7WUKSf43Bpi6wFxhfOxteLyQUpIlGg4CasTVGpFsha8KzlupXOLG Tl3hXtQFWvE0tl1GidvTyuQlOzsZ1vjTNEzI25VTkOIgP4IYcWSkP74p/a239ZcTOHhZABEB AAHNIFRvbWFzeiBXb2xuaWV3aWN6IDx0d29sbkB1bWsucGw+wsB4BBMBAgAiBQJL4WARAhsD BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRA8PEwxkb+lPgkeB/9NAGlmopLel6EEDFz2 ra3KLBx8kXT3G1K/YYyrjDwNjCkAmm0evzQx8g9vPX2OzvE6Ai2Xi9hPd2K/ShPFPcgJzzjr h9H1XYfBb2N/tRwN9tb4XO5i9Tsa4jP+SG8h2yQY57QOeFy16joDmIZiZrAEIGpqqSV24PrX FSo2d1E4dMswqDXlEYk9hwbdW9H4zOQrnDZeRlRx/RW/cmWTd8r5C12dKhlT/D/fBkL3eYT7 rnjHtS+ArnMUsxu2Z/q6bmxqRyv4Vn4pR0n699iLa0ol2hWeQJFaZyTA7JksW8zWu/Zasd9K Dw3jM59vs/SXVdG8pMexAzH5jmEEAgwYwUbVzsBNBEvhYBEBCACgAz/z7VTnCsPSBUrjCLyS j+eRtr2tQzSU48Qa5hOcIxAKQJQNgOOqs0Mq9fT9lV+OttaYyKtijt1+G2dVMETVFkdZmM0c g8pVJp398993v89U/iwjfvNoqCM/9z312Poha/oL/EOk+gWYxZbyQ18SY69va2WHr6Pl3bzR 6BQpb86W85MreQ2lxd76b6BgjOXA/b39YyU/fMeFQd+wDpT3K1fUr89dYRnyzQIxTBSPOMLQ ShHKc/S8dStbNlLNcnaiyBOsH4A7b6IizQGqyVHBeL7u05X0/ZVdEIgsO3NmQouqY0/WjBdV qg4EsI1VvvgwXKWafP1MryLy4ZcnNjQZABEBAAHCwF8EGAECAAkFAkvhYBECGwwACgkQPDxM MZG/pT6lUQf8DC3i15okq3VycbpTYuH6f1lQkqanMS0z4z8F6xtCeXq0DBFk0ZzAU/mCwc3V PdUVGtRKGjouSAB1HDeTvAth1vY0oOJG3kXBwkcui3QxM3sxksNCRLLwcZVnsK9rt6UVp5aG qBwKf44BSApGyHNuKDhCfMCQHueqlfhJYfXocw6KDObvTkwygHLmw93ohV66v26yNvGo6+q2 qTDykGyuicACPDTyJTWFh2IwwZFAdzcc7St8aKkXFk0zWvoriWHeTLUnuFw7HN640IJkG74a 4NGco2yPc7Cz6q59rgE9xydOOXRdmnfiuJu0kQvQocD1rVLjW3qXdnxPd2/FhO4vWg==
- Openpgp: preference=signencrypt
|
Hi David, it could be said that you came to the wrong address. People are on this list precisely for the reason of avoiding manual configurations. There is no way that you can force the users to follow instructions even if they are very precise, we have created CAT to make this manageable. I think that the institutions advertising insecure configurations are unaware of the risk for the users and tempted by the ease of the insecure configuration. In fact advertising an insecure configuration violates eduroam policy, that requires that all partners provide secure end-end authentication methods. National eduroam operators should talk to these institutions and explain why they should stop doing that. Cheers Tomasz
W dniu 05.11.2018 o 22:47, IAM David
Bantz pisze:
I've attempted to find institutions' instructions
for manually configuring eduroam supplicants (because I have
been charged to provide alternatives to present to users in
addition to using CAT installers). I don't know whether I should
be surprised, but essentially all instances I found omit
designating the authentication service and verifying trust of
the certificate it presents. It will be a little hard to
maintain a firm stance for locking down these configurations if
folks can point to other prestigious institutions that offer a
simple "enter your netID and password" and click "automatically
connect" as a way of configuring eduroam on their devices.
To unsubscribe,
send this message:
mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-usersCan anyone point me to detailed manual eduroam
configuration instructions (particularly for Windows 10, as
our CAT installer is failing to enable connecting with a
certificate trust issue described in other posts)?
Have there been cases "in the wild" of fake eduroam SSIDs
or MiM capturing users' credentials from insecurely configured
supplicants? An example will likely carry more weight than
only a technically possible risk.
Why are institutions advertising unsecured configurations?
Thank you,
David Bantz
U Alaska
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users --
Tomasz Wolniewicz
twoln AT umk.pl http://www.home.umk.pl/~twoln
Uczelniane Centrum Informatyczne Information&Communication Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University,
pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland
tel: +48-56-611-2750 fax: +48-56-622-1850 tel kom.: +48-693-032-576
|
- [[cat-users]] "manual" installation instructions, IAM David Bantz, 11/05/2018
- Re: [[cat-users]] "manual" installation instructions, Tomasz Wolniewicz, 11/05/2018
- Re: [[cat-users]] "manual" installation instructions, db AT alaska.edu, 11/05/2018
- Re: [[cat-users]] "manual" installation instructions, IAM David Bantz, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Stefan Winter, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Alan Buxey, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Tomasz Wolniewicz, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, IAM David Bantz, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Tomasz Wolniewicz, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Alan Buxey, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Stefan Winter, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Alan Buxey, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Stefan Winter, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, Martin Pauly, 11/07/2018
- Re: [[cat-users]] "manual" installation instructions, Per Mejdal Rasmussen, 11/08/2018
- Re: [[cat-users]] "manual" installation instructions, IAM David Bantz, 11/06/2018
- Re: [[cat-users]] "manual" installation instructions, db AT alaska.edu, 11/05/2018
- Re: [[cat-users]] "manual" installation instructions, Tomasz Wolniewicz, 11/05/2018
Archive powered by MHonArc 2.6.19.