I changed default_eap_type=md5 to default_eap_type=ttls and now the
Macs are able to authenticate without Certs or any configuration on their
side!!
...remember though that working != secure [necessarily]. Clients defaulting
to accept any radius server cert, or those that default to prompt the
Hi,
1) It validates the server cert to assure it's signed by a CA it trusts
(possibly via a cert chain).
2) It then validates the certificate subject to make sure the server it
thought it was connecting to appears in the certificate (either as the
certificate subject or one of the
On Mar 7, 2011, at 3:57 PM, Alan Buxey wrote:
Hi,
1) It validates the server cert to assure it's signed by a CA it trusts
(possibly via a cert chain).
2) It then validates the certificate subject to make sure the server it
thought it was connecting to appears in the certificate
On 07/03/2011 21:42, John Dennis wrote:
I changed default_eap_type=md5 to default_eap_type=ttls and now the
Macs are able to authenticate without Certs or any configuration on their
side!!
...remember though that working != secure [necessarily]. Clients defaulting
to accept any radius server
On Mar 7, 2011, at 4:03 PM, Arran Cudbard-Bell wrote:
On Mar 7, 2011, at 3:57 PM, Alan Buxey wrote:
Hi,
1) It validates the server cert to assure it's signed by a CA it trusts
(possibly via a cert chain).
2) It then validates the certificate subject to make sure the server it
On Mar 7, 2011, at 4:05 PM, James J J Hooper wrote:
On 07/03/2011 21:42, John Dennis wrote:
I changed default_eap_type=md5 to default_eap_type=ttls and now the
Macs are able to authenticate without Certs or any configuration on their
side!!
...remember though that working != secure
On 07/03/2011 22:18, Arran Cudbard-Bell wrote:
On Mar 7, 2011, at 4:05 PM, James J J Hooper wrote:
On 07/03/2011 21:42, John Dennis wrote:
I changed default_eap_type=md5 to default_eap_type=ttls and now the
Macs are able to authenticate without Certs or any configuration on their
side!!
John Dennis jden...@redhat.com writes:
So why does this group think PKI doesn't work?
PKI works. gnupg is an example of that.
SSL doesn't work. Faulty design: Single trust anchor, black or white
trust only, and large commercial interests are all reasons for that.
Bjørn
-
List
8 matches
Mail list logo