Skip to Content.
Sympa Menu

cat-users - [[cat-users]] Unique device credentials

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

[[cat-users]] Unique device credentials


Chronological Thread 
    < Chronological >      < Thread >
  • From: Per Mejdal Rasmussen <pmr AT its.aau.dk>
  • To: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: [[cat-users]] Unique device credentials
  • Date: Fri, 29 Mar 2019 16:19:13 +0100
  • Authentication-results: spf=pass (sender IP is 130.225.194.128) smtp.mailfrom=its.aau.dk; lists.geant.org; dkim=none (message not signed) header.d=none;lists.geant.org; dmarc=pass action=none header.from=its.aau.dk;
At my university many student devices are not configured to verify the radius server certificate, despite we for many years have told the students to use the CAT tool.

As a consequence we will make system that generates unique credentials per device. Where each username/password pair is locked to a specific mac address.

This will make it impossible to reuse stolen eduroam credentials for other systems, and make it very hard to use stolen credentials on other devices.

I was wondering if anyone else has made a similar system, or know of a system you can buy for that purpose?

The reason we don't just use device certificates, is that it is not as widely supported as username/password in devices.


--
Per Mejdal Rasmussen
http://personprofil.aau.dk/109070

  • [[cat-users]] Unique device credentials, Per Mejdal Rasmussen, 03/29/2019

Archive powered by MHonArc 2.6.19.

Top of Page