An open discussion list for topics related to the geteduroam service

[Jørn Åne de Jong <jorn.dejong AT uninett.no>]

On 17/04/2021 23:10, Martin Pauly (via geteduroam Mailing List) wrote:
> Hi Paul.
> 
> On 16.04.21 18:57, Paul Dekkers (via geteduroam Mailing List) wrote:
>> Perhaps I don’t understand; but this is what we do, right? Also in
>> 1.0.16 we pin the certificates to what is provided in CAT? So it ís
>> secure?
> 
> Yes, at least. But at least on this particular AOSP incarnation
> the setting in the UI _seems_ to remain on "Please Select".
> I have not had the time yet to really attack it with a more sophisticated
> Rogue AP, e.g. one that is from a known-good CA, but carries some other
> name.
> I hope I can get my hands on a Pixel 4 and test a bit more next week

On my test Android, it looks like this when there are multiple
certificates.  Which CAT profile is this?


-- 
Vennlig hilsen/Best regardsJørn Åne de Jong
Systemutvikler/Systems Developer
Uninett AS
jorn.dejong AT uninett.no
+47 95 36 10 17
www.uninett.no
Abonner på vårt nyhetsbrev www.uninett.no/nyhetsbrev

Attachment: eduroam-multica.png
Description: PNG image

Attachment: OpenPGP_signature
Description: OpenPGP digital signature