RE: Query on setting ca-path and ca-cert with dbus for 802.1x

John Carter Tue, 20 Mar 2012 06:55:29 -0700

Thanks Dan/Ludwig.

-----Original Message-----
From: Ludwig Nussel [mailto:ludwig.nus...@suse.de] 
Sent: 20 March 2012 13:39
To: networkmanager-list@gnome.org
Cc: John Carter
Subject: Re: Query on setting ca-path and ca-cert with dbus for 802.1x


Dan Williams wrote:
> [...]
> has payed say Verisign to sign their organization-wide CA, which they 
> then use to sign the server's certificate.
> [...]
> Always set a CA certificate, and optionally set the subject match 
> stuff

Subject match is mandatory in that case. When setting the CA alone you are
still prone to MITM (CVE-2006-7246).

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer,
HRB 16746 (AG Nürnberg) 

_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

RE: Query on setting ca-path and ca-cert with dbus for 802.1x

Reply via email to