Thanks Dan/Ludwig. -----Original Message----- From: Ludwig Nussel [mailto:ludwig.nus...@suse.de] Sent: 20 March 2012 13:39 To: networkmanager-list@gnome.org Cc: John Carter Subject: Re: Query on setting ca-path and ca-cert with dbus for 802.1x
Dan Williams wrote: > [...] > has payed say Verisign to sign their organization-wide CA, which they > then use to sign the server's certificate. > [...] > Always set a CA certificate, and optionally set the subject match > stuff Subject match is mandatory in that case. When setting the CA alone you are still prone to MITM (CVE-2006-7246). cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list