>>>>> "Alan" == Alan DeKok <al...@deployingradius.com> writes:
Alan> Sam Hartman wrote: >> * The client wants assurance that it's talking to a consistent >> server so that you only end up having to authenticate the server >> at one level. Alan> I have always been unsure as to why clients don't tie Alan> credentials to a server certificate. Instead, they are Alan> usually tied to an SSID. And while clients can verify the Alan> servers CA, the CA is usually in a global CA store. Hmm. Android at least seems to let me pick an expected CA for each SSID separately. I don't have EAP here at home so I've not played with the security. That presumably means that wpa_supplicant gives you enough rope under the covers. I can't help the Windows and mac users:-) _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu