Re: Query on setting ca-path and ca-cert with dbus for 802.1x

From: Ludwig Nussel <ludwig nussel suse de>
To: networkmanager-list gnome org
Subject: Re: Query on setting ca-path and ca-cert with dbus for 802.1x
Date: Tue, 20 Mar 2012 14:38:51 +0100

Dan Williams wrote:
> [...]
> has payed say Verisign to sign their organization-wide CA, which they
> then use to sign the server's certificate.
> [...]
> Always set a CA certificate, and optionally set the subject match stuff

Subject match is mandatory in that case. When setting the CA alone
you are still prone to MITM (CVE-2006-7246).

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)

Follow-Ups:
- RE: Query on setting ca-path and ca-cert with dbus for 802.1x
  - From: John Carter

References:
- Query on setting ca-path and ca-cert with dbus for 802.1x
  - From: John Carter
- Re: Query on setting ca-path and ca-cert with dbus for 802.1x
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]