cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Per Mejdal Rasmussen <pmr AT its.aau.dk>
- To: Stefan Winter <stefan.winter AT restena.lu>, <cat-users AT lists.geant.org>
- Subject: Re: [[cat-users]] How we deal with [unsecure] devices on eduroam
- Date: Wed, 2 Oct 2019 14:05:22 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.225.198.192) smtp.rcpttodomain=lists.geant.org smtp.mailfrom=its.aau.dk; dmarc=pass (p=none sp=none pct=100) action=none header.from=its.aau.dk; dkim=none (message not signed); arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PC+h17yo1HgBvmKBnhMFVk+B7nS/Fy4iumSv54PATkw=; b=BoBXP3lCVTm3Xou5Z8r+I1JqR4WnrdpqMLK5LDXNjlXt6Y/NMBIMG1v6aU68yG8021tUwMSO0Xub8rQT5ENDWpOL2rIfexdE/uLuCaXaKzziqLCd82R+wWV6KsysgeN5EltdMjN4EM84sOyT0bcPvSMAbYQiozUhdQI+Kcm4z52V3ZA5NOARr/3vZoidWd9WoUWYluwvltiaqLuD6dkOWGj2GJSRb+SytnGnY2Z+swQmzp7P9paSIPbNbquWjYW6QL/4fzQsdUFHVt7SHc4tYPU+VcMcCLFNg1NHXGpvgPvdmHJ/j58AQEmUe24ZBWAzwgbeyE6rsx5oGLk/R1x6MA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T19r5/of3++n1SiRi+Re5X4oZ4mx4NiQ6GhjUF55Ss/WyIMfxsQOsxwcEO72pqNXKeFm3XW7mrd/VS0BxsSkxLRPOH9PiTFgxmioZaKTqbAobTwP4JP6p7boNjHasydxKYWjzubAkAM8uq+Q0uR3sGsVfbz3cpFkWMbt/1Gbnyew2dAYbEEo2RnmKKyr0NKaG+0FhjrNFNVwmfRbXVka4fZgNvezcnKCmlzEWibGn6TfbZowMJOR0j0jfTd9PsfsS9xjX8+W4a8+uBKtSwgkE9A1oFlpF36++VKhGfuucBxX3xiC/HGSGEqAxQOu/YRqCKBBrbxo/AxrYzJg2BtIAw==
- Authentication-results: spf=pass (sender IP is 130.225.198.192) smtp.mailfrom=its.aau.dk; lists.geant.org; dkim=none (message not signed) header.d=none;lists.geant.org; dmarc=pass action=none header.from=its.aau.dk;
On 2019-10-02 09:17, Stefan Winter wrote:
That is why the eduroam policy is very explicit about server-side
validation: you need to instruct your users to configure server-side
validation, and need to supply them with the means to do so (i.e. tell
them about CA and expected server name).
Just to clarify: We do, and will continue to instruct our users to install the CA in all our guides, installers and helpdesks.
A typical question from support to me was: So we don't need to install the CA anymore? and my answer was: You still need the install the CA, but in-case it is not done, a hacker can only get access to eduroam. Not the mails and files of the user.
--
Per Mejdal Rasmussen
http://personprofil.aau.dk/109070
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Per Mejdal Rasmussen, 10/01/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Per Mejdal Rasmussen, 10/01/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Stefan Winter, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, JÁKÓ András, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Martin Pauly, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Stefan Paetow, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Per Mejdal Rasmussen, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Stefan Paetow, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Stefan Winter, 10/02/2019
- Re: [[cat-users]] How we deal with [unsecure] devices on eduroam, Per Mejdal Rasmussen, 10/01/2019
Archive powered by MHonArc 2.6.19.