Michal Prochazka wrote:
I don't agree with you. Freeradius checks that the certificate is issued
by one of the CA defined in config of EAP-TLS. And then this script
compare the subject, you cannot forged it. And of course this patch can
be easily enhanced to export sha1/md5 signatures.
Oh, I've missed your point, sorry.
This patch is against using some (for example, e-mail signing)
certificate (issued by proper CA!) as wireless client's one, am I right
on second try? :)
--
// Lev Serebryakov
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html