cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: "Scheller, Ronald" <Ronald.Scheller AT ipb-halle.de>
- To: Monika Brand <monika.brand AT uni-wuerzburg.de>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Subject: AW: [[cat-users]] Frage zu eduroam auf Android
- Date: Thu, 4 Jul 2019 10:32:01 +0000
- Accept-language: de-DE, en-US
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=Ronald.Scheller AT ipb-halle.de;
It is possible with some (unfortunately not all) Android devices version 7 or
higher if the root certificate is present in system memory.
The eduroam setup must then be done manually and the correct certificate must
be selected.
For German research institutes with DFN connection, this is probably from
10.7.2019 at the latest "T-TeleSec GlobalRoot Class 2".
Mit freundlichen Grüßen
Ronald Scheller
IT-Admin IPB Halle
Tel. +49 345 55821641
> -----Ursprüngliche Nachricht-----
> Von: cat-users-request AT lists.geant.org [mailto:cat-users-
> request AT lists.geant.org] Im Auftrag von Stefan Winter
> Gesendet: Donnerstag, 4. Juli 2019 12:05
> An: Monika Brand <monika.brand AT uni-wuerzburg.de>; cat-
> users AT lists.geant.org
> Betreff: Re: [[cat-users]] Frage zu eduroam auf Android
>
> Hello,
>
> > ist es möglich, eduroam auf einem Smartphone mit Android einzurichten
> > und zu betreiben, wenn auf dem Gerät keine Bildschirmsperre (mit PIN
> > oder Muster) eingerichtet ist?
>
> Android requests the device lock because a so-called digital certificate
> has to
> be installed. That certificate is used to verify the authenticity of the
> eduroam
> network whenever you connect to a network with the eduroam name.
>
> The activation of a device lock is REQUIRED by the Android operating system
> as soon as a digital certificate is installed. I.e. this is beyond our
> app's control.
>
> The only alternative would be to configure your device manually and instruct
> it to IGNORE the authenticity check (because then you would not need the
> certificate on the device).
>
> However, then your device would send your username and password to
> random third parties who claim to be an eduroam network but may instead
> be an attacker trying to steal your password.
>
> So, while technically possible, it is a VERY BAD idea and we do not
> encourage
> or endorse any such behaviour.
>
> Greetings,
>
> Stefan Winter
>
> --
> Stefan WINTER
> Ingenieur de Recherche
> Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de
> la Recherche 2, avenue de l'Université
> L-4365 Esch-sur-Alzette
>
> Tel: +352 424409 1
> Fax: +352 422473
>
> PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
> recipient's key
> is known to me
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC6
> 6
- [[cat-users]] Frage zu eduroam auf Android, Monika Brand, 07/04/2019
- Re: [[cat-users]] Frage zu eduroam auf Android, Stefan Winter, 07/04/2019
- AW: [[cat-users]] Frage zu eduroam auf Android, Scheller, Ronald, 07/04/2019
- Re: [[cat-users]] Frage zu eduroam auf Android, Stefan Winter, 07/04/2019
Archive powered by MHonArc 2.6.19.