RE: Query on setting ca-path and ca-cert with dbus for 802.1x
- From: "John Carter" <jcarter identitynetworks com>
- To: <networkmanager-list gnome org>
- Subject: RE: Query on setting ca-path and ca-cert with dbus for 802.1x
- Date: Tue, 20 Mar 2012 13:52:57 -0000
Thanks Dan/Ludwig.
-----Original Message-----
From: Ludwig Nussel [mailto:ludwig nussel suse de]
Sent: 20 March 2012 13:39
To: networkmanager-list gnome org
Cc: John Carter
Subject: Re: Query on setting ca-path and ca-cert with dbus for 802.1x
Dan Williams wrote:
> [...]
> has payed say Verisign to sign their organization-wide CA, which they
> then use to sign the server's certificate.
> [...]
> Always set a CA certificate, and optionally set the subject match
> stuff
Subject match is mandatory in that case. When setting the CA alone you are
still prone to MITM (CVE-2006-7246).
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer,
HRB 16746 (AG Nürnberg)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
