date:20210210

RE: Android 11 Manual Profile Configuration Variable

2021-02-10 Thread Floyd, Brad

Thanks Tim.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tim Cappalli
Sent: Wednesday, February 10, 2021 4:07 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Yes, the same as all the other platforms.

If the CN of your EAP server certificate is “networklogin.awesomeu.edu” then 
that should be what is configured in the supplicant.

SAN DNS entries could also be used but there should be no need given an EAP 
server certificate does not need multiple names for the most common use cases.

tim

From: Floyd, Brad
Sent: Wednesday, February 10, 2021 17:03
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Tim,

So the subject of the EAP server certificate is equal to the FQDN of my RADIUS 
server certificate or of a SAN entry within the server certificate?

Here is a screenshot from Eric’s Glinsky’s previous e-mail where I saw the 
domain variable. I don’t have an Android 11 device handy to test with.

[cid:image001.png@01D6FFC6.4E70EF80]

Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Wednesday, February 10, 2021 3:22 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Which profile are you referring to? Android does not have a generic profile 
construct.

Domain refers to the subject of the EAP server certificate (e.g. 
networklogin.mydomain.com) and yes subject matching is required for a proper 
supplicant configuration.

tim

From: Floyd, Brad
Sent: Wednesday, February 10, 2021 16:17
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

From the ongoing discussion about Android 11 (Google Pixel) configuration, I 
see a variable named “Domain” in the profile configuration. I have not seen 
this variable with previous versions of Android 802.1X profiles. Does this 
field need to be filled in with this new version? If so, should it be something 
like: “myuniversity.edu”? if not, what?
Thanks,
Brad

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails

RE: Android 11 Manual Profile Configuration Variable

2021-02-10 Thread Tim Cappalli

Yes, the same as all the other platforms.

If the CN of your EAP server certificate is “networklogin.awesomeu.edu” then 
that should be what is configured in the supplicant. 

SAN DNS entries could also be used but there should be no need given an EAP 
server certificate does not need multiple names for the most common use cases.

tim

From: Floyd, Brad
Sent: Wednesday, February 10, 2021 17:03
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Tim,

So the subject of the EAP server certificate is equal to the FQDN of my RADIUS 
server certificate or of a SAN entry within the server certificate?

Here is a screenshot from Eric’s Glinsky’s previous e-mail where I saw the 
domain variable. I don’t have an Android 11 device handy to test with.



Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tim Cappalli
Sent: Wednesday, February 10, 2021 3:22 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Which profile are you referring to? Android does not have a generic profile 
construct.

Domain refers to the subject of the EAP server certificate (e.g. 
networklogin.mydomain.com) and yes subject matching is required for a proper 
supplicant configuration.

tim



From: Floyd, Brad
Sent: Wednesday, February 10, 2021 16:17
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

>From the ongoing discussion about Android 11 (Google Pixel) configuration, I 
>see a variable named “Domain” in the profile configuration. I have not seen 
>this variable with previous versions of Android 802.1X profiles. Does this 
>field need to be filled in with this new version? If so, should it be 
>something like: “myuniversity.edu”? if not, what?
Thanks,
Brad

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 
**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


smime.p7s
Description: S/MIME cryptographic signature

RE: Android 11 Manual Profile Configuration Variable

2021-02-10 Thread Floyd, Brad

Tim,

So the subject of the EAP server certificate is equal to the FQDN of my RADIUS 
server certificate or of a SAN entry within the server certificate?

Here is a screenshot from Eric’s Glinsky’s previous e-mail where I saw the 
domain variable. I don’t have an Android 11 device handy to test with.

[cid:image001.png@01D6FFC6.4E70EF80]

Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tim Cappalli
Sent: Wednesday, February 10, 2021 3:22 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

Which profile are you referring to? Android does not have a generic profile 
construct.

Domain refers to the subject of the EAP server certificate (e.g. 
networklogin.mydomain.com) and yes subject matching is required for a proper 
supplicant configuration.

tim



From: Floyd, Brad
Sent: Wednesday, February 10, 2021 16:17
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

From the ongoing discussion about Android 11 (Google Pixel) configuration, I 
see a variable named “Domain” in the profile configuration. I have not seen 
this variable with previous versions of Android 802.1X profiles. Does this 
field need to be filled in with this new version? If so, should it be something 
like: “myuniversity.edu”? if not, what?
Thanks,
Brad


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Android 11 Manual Profile Configuration Variable

2021-02-10 Thread Tim Cappalli

Which profile are you referring to? Android does not have a generic profile 
construct.

Domain refers to the subject of the EAP server certificate (e.g. 
networklogin.mydomain.com) and yes subject matching is required for a proper 
supplicant configuration.

tim



From: Floyd, Brad
Sent: Wednesday, February 10, 2021 16:17
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Android 11 Manual Profile Configuration Variable

>From the ongoing discussion about Android 11 (Google Pixel) configuration, I 
>see a variable named “Domain” in the profile configuration. I have not seen 
>this variable with previous versions of Android 802.1X profiles. Does this 
>field need to be filled in with this new version? If so, should it be 
>something like: “myuniversity.edu”? if not, what?
Thanks,
Brad

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


smime.p7s
Description: S/MIME cryptographic signature

Android 11 Manual Profile Configuration Variable

2021-02-10 Thread Floyd, Brad

>From the ongoing discussion about Android 11 (Google Pixel) configuration, I 
>see a variable named "Domain" in the profile configuration. I have not seen 
>this variable with previous versions of Android 802.1X profiles. Does this 
>field need to be filled in with this new version? If so, should it be 
>something like: "myuniversity.edu"? if not, what?
Thanks,
Brad


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

2021-02-10 Thread Jonathan Waldrep

 This thread has been about the "CA certificate" option, which is stuck
on "Use system certificates". This is specifying which CA the server
cert should chain back to. It defaults to any system (CA/B forum)
certificate.

 You are looking at the "Online Certificate Status" option, which is
what specifies the OCSP behavior. This is for checking if the server
cert has been revoked. Good to have, but nowhere near as critical as the
first option. Also, selecting the wrong option here can prevent someone
from connecting if your RADIUS server is not doing OCSP stapling.

On 2021-02-10 10:44:45-0500, Walter Reynolds wrote:
> Here are the screenshots.
> 
> 
> 
> [image: software update.jpg][image: software.jpg][image: phone 
> type.jpg][image:
> base screen.jpg][image: options dropdown.jpg]
> 
> 
> 
> -
> Walter Reynolds
> Network Architect
> Information and Technology Services
> University of Michigan
> (734) 615-9438
> 
> 
> On Wed, Feb 10, 2021 at 6:49 AM Mathieu Sturm 
> wrote:
> 
> > I’ve ordered a Pixel 5 and will do some testing as well.
> >
> > I’ve been testing with a virtual android 11 on android studio. This
> > virtual android 11 also had the option to select “don’t validate” option.
> >
> >
> >
> > I will share my findings once testing has been done.
> >
> >
> >
> >
> >
> > *Mathieu Sturm*
> > Hoofdmedewerker Netwerkbeheer
> >
> > [image: https://www.hogent.be/www/assets/Image/logo2018.png]
> >
> > *Directie Financiën, Infrastructuur en IT*
> >
> > Afdeling Netwerkbeheer
> >
> > Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
> >
> > Valentin Vaerwyckweg 1 - 9000 Gent
> >
> > +32 9 243 35 23
> >
> > www.hogent.be
> > 
> >
> >
> >
> >
> >
> >
> >
> > *Van:* The EDUCAUSE Wireless Issues Community Group Listserv <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *Namens *Dom Colangelo
> > *Verzonden:* dinsdag 9 februari 2021 18:26
> > *Aan:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > *Onderwerp:* Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> >
> >
> >
> > In my testing I found that networks saved prior to the patch retained the
> > ‘Don’t validate’ option. Forgetting and re-configuring the network
> > eliminated the option.
> >
> >
> >
> > Dom Colangelo
> >
> > Systems Engineer
> >
> > Omada Technologies
> >
> > Cell: (617)-446-3945
> >
> > dcolang...@omadatechnologies.com
> >
> >
> >
> > *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Tim Cappalli
> > *Sent:* Tuesday, February 9, 2021 12:15
> > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > *Subject:* Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> >
> >
> >
> > Screenshot?
> >
> >
> >
> > *From: *The EDUCAUSE Wireless Issues Community Group Listserv <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Walter Reynolds <
> > wa...@umich.edu>
> > *Date: *Tuesday, February 9, 2021 at 12:03
> > *To: *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> > *Subject: *Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> >
> >
> > I have a Pixel 3 that I did a factory restet on.  Next I did all the
> > updates needed and it is running Android 11.  The build number is
> > RQ1A.210205.004 which includes the latest security patch for the phone.
> >
> >
> >
> > When I go to configure a WPA2 Enterprise network I still have the "Don't
> > validate" option.
> >
> >
> >
> > What am I missing here?
> >
> >
> >
> > 
> >
> > Walter Reynolds
> > Network Architect
> > Information and Technology Services
> > University of Michigan
> > (734) 615-9438
> >
> >
> >
> >
> >
> > On Sun, Feb 7, 2021 at 3:29 AM Tim Cappalli <
> > 0194c9ecac40-dmarc-requ...@listserv.educause.edu> wrote:
> >
> > I would not expect Pixel 2 and earlier to receive this update as they are
> > end of support.
> > --
> >
> > *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Richie Penuela <
> > richie.penu...@ucf.edu>
> > *Sent:* Friday, February 5, 2021 09:37
> > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <
> > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> > *Subject:* Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> >
> >
> >
> > Mathieu,
> >
> >
> >
> > Currently this is affecting Google Pixel 3 and up that have installed the
> > Android 11 security patch in December. We have Google Pixel 2A w/ Android
> > 11 but the last security patch was provided prior to the one in December
> > and we are still to select “Do not validate” option. In conversation with
> > some of our integrators they believe that other Android platforms will
> > follow suit.
> >
> >
> >

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

2021-02-10 Thread Tim Cappalli

That’s what I suspected. That is NOT for EAP server trust. It is for 
certificate status. Not the same thing.

If you look at the CA Certificate dropdown (not the Online Certificate Status 
dropdown), you should not see a Do Not Validate option.

tim

From: Walter Reynolds
Sent: Wednesday, February 10, 2021 10:45
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

Here are the screenshots.







-
Walter Reynolds
Network Architect
Information and Technology Services
University of Michigan
(734) 615-9438


On Wed, Feb 10, 2021 at 6:49 AM Mathieu Sturm  wrote:
I’ve ordered a Pixel 5 and will do some testing as well. 
I’ve been testing with a virtual android 11 on android studio. This virtual 
android 11 also had the option to select “don’t validate” option.
 
I will share my findings once testing has been done.
 
 
Mathieu Sturm
Hoofdmedewerker Netwerkbeheer



Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23
www.hogent.be
 
 
 
Van: The EDUCAUSE Wireless Issues Community Group Listserv 
 Namens Dom Colangelo
Verzonden: dinsdag 9 februari 2021 18:26
Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Onderwerp: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
 
In my testing I found that networks saved prior to the patch retained the 
‘Don’t validate’ option. Forgetting and re-configuring the network eliminated 
the option.
 
Dom Colangelo
Systems Engineer
Omada Technologies
Cell: (617)-446-3945
dcolang...@omadatechnologies.com
 
From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tim Cappalli
Sent: Tuesday, February 9, 2021 12:15
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
 
Screenshot?
 
From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Walter Reynolds 

Date: Tuesday, February 9, 2021 at 12:03
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021


I have a Pixel 3 that I did a factory restet on.  Next I did all the updates 
needed and it is running Android 11.  The build number is RQ1A.210205.004 which 
includes the latest security patch for the phone.
 
When I go to configure a WPA2 Enterprise network I still have the "Don't 
validate" option.  
 
What am I missing here?
 

Walter Reynolds
Network Architect
Information and Technology Services
University of Michigan
(734) 615-9438
 
 
On Sun, Feb 7, 2021 at 3:29 AM Tim Cappalli 
<0194c9ecac40-dmarc-requ...@listserv.educause.edu> wrote:
I would not expect Pixel 2 and earlier to receive this update as they are end 
of support.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Richie Penuela 

Sent: Friday, February 5, 2021 09:37
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021 
 
Mathieu,
 
Currently this is affecting Google Pixel 3 and up that have installed the 
Android 11 security patch in December. We have Google Pixel 2A w/ Android 11 
but the last security patch was provided prior to the one in December and we 
are still to select “Do not validate” option. In conversation with some of our 
integrators they believe that other Android platforms will follow suit. 
 
-Respectfully,
 

Sr. Wireless Engineer
UCF IT | Telecommunications
University of Central Florida
407.823.4906
richie.penu...@ucf.edu
 
Please note: Florida has a very broad open records law (F.S. 119). Emails may 
be subject to public disclosure
 
 
From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Mathieu Sturm 

Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 

Date: Friday, February 5, 2021 at 9:32 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
 
Hello all,
 
I’ve been testing with 2 devices (Samsung s10 upgraded to android 11 and 
Samsung s20 also upgraded to android 11).
It seems that I’m still able to select “Do not validate” on these devices. 
 
Is this because these devices were upgraded to android 11 and that the newer 
devices which were released with android 11 don’t allow the “Do not validate”?
Or are the pixel phones the only ones?
 
Regards,
 
Mathieu
 
Van: The EDUCAUSE Wireless Issues Community Group Listserv 
 Namens Hurt,Trenton W.
Verzonden: maandag 1 februari 2021 22:47
Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Onderwerp: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
 
FYI
 
I just received the following from securew2 about some additional security 
changes coming to android 11.  
 
 
 
This action will need to take place before the upcoming Android application 
update that is planned for February 15th, 2021.
 
As you may already be aware, Google mandates server validation to be properly

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

2021-02-10 Thread Tim Cappalli

My thoughts exactly. Sure, I’m curious about the behavior being reported, but 
it really doesn’t matter.


From: Jonathan Waldrep
Sent: Wednesday, February 10, 2021 10:36
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

 I get the impression people haven't seen this:
https://www.youtube.com/watch?v=gkPvZDcrLFk

 Note this was presented in *2012*. As Tim has said many, many times,
you really should be validating the server, even if you have the option
to not. Thus, whether or not that option is available is kinda
irrelevant.

On 2021-02-10 11:36:36+, Mathieu Sturm wrote:
> I've ordered a Pixel 5 and will do some testing as well.
> I've been testing with a virtual android 11 on android studio. This virtual 
> android 11 also had the option to select "don't validate" option.
> 
> I will share my findings once testing has been done.
> 
> 
> Mathieu Sturm
> Hoofdmedewerker Netwerkbeheer
> 
> [https://www.hogent.be/www/assets/Image/logo2018.png]
> 
> Directie Financiën, Infrastructuur en IT
> Afdeling Netwerkbeheer
> Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
> Valentin Vaerwyckweg 1 - 9000 Gent
> +32 9 243 35 23
> www.hogent.be
> 
> 
> 
> Van: The EDUCAUSE Wireless Issues Community Group Listserv 
>  Namens Dom Colangelo
> Verzonden: dinsdag 9 februari 2021 18:26
> Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Onderwerp: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> In my testing I found that networks saved prior to the patch retained the 
> 'Don't validate' option. Forgetting and re-configuring the network eliminated 
> the option.
> 
> [cid:image005.png@01D6FFA9.5BA6C3E0]Dom Colangelo
> Systems Engineer
> Omada Technologies
> Cell: (617)-446-3945
> dcolang...@omadatechnologies.com
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  On Behalf Of Tim Cappalli
> Sent: Tuesday, February 9, 2021 12:15
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> Screenshot?
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  on behalf of Walter Reynolds mailto:wa...@umich.edu>>
> Date: Tuesday, February 9, 2021 at 12:03
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> I have a Pixel 3 that I did a factory restet on.  Next I did all the updates 
> needed and it is running Android 11.  The build number is RQ1A.210205.004 
> which includes the latest security patch for the phone.
> 
> When I go to configure a WPA2 Enterprise network I still have the "Don't 
> validate" option.
> 
> What am I missing here?
> 
> 
> Walter Reynolds
> Network Architect
> Information and Technology Services
> University of Michigan
> (734) 615-9438
> 
> 
> On Sun, Feb 7, 2021 at 3:29 AM Tim Cappalli 
> <0194c9ecac40-dmarc-requ...@listserv.educause.edu>
>  wrote:
> I would not expect Pixel 2 and earlier to receive this update as they are end 
> of support.
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  on behalf of Richie Penuela 
> mailto:richie.penu...@ucf.edu>>
> Sent: Friday, February 5, 2021 09:37
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> 
> Mathieu,
> 
> 
> 
> Currently this is affecting Google Pixel 3 and up that have installed the 
> Android 11 security patch in December. We have Google Pixel 2A w/ Android 11 
> but the last security patch was provided prior to the one in December and we 
> are still to select "Do not validate" option. In conversation with some of 
> our integrators they believe that other Android platforms will follow suit.
> 
> 
> 
> -Respectfully,
> 
> 
> 
> [signature_2043038681]
> 
> Sr. Wireless Engineer
> 
> UCF IT | Telecommunications
> 
> University of Central Florida
> 
> 407.823.4906
> 
> richie.penu...@ucf.edu
> 
> 
> 
> Please note: Florida has a very broad open records law (F.S. 119). Emails may 
> be subject to public disclosure
> 
> 
> 
> 
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LIS

Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

2021-02-10 Thread Jonathan Waldrep

 I get the impression people haven't seen this:
https://www.youtube.com/watch?v=gkPvZDcrLFk

 Note this was presented in *2012*. As Tim has said many, many times,
you really should be validating the server, even if you have the option
to not. Thus, whether or not that option is available is kinda
irrelevant.

On 2021-02-10 11:36:36+, Mathieu Sturm wrote:
> I've ordered a Pixel 5 and will do some testing as well.
> I've been testing with a virtual android 11 on android studio. This virtual 
> android 11 also had the option to select "don't validate" option.
> 
> I will share my findings once testing has been done.
> 
> 
> Mathieu Sturm
> Hoofdmedewerker Netwerkbeheer
> 
> [https://www.hogent.be/www/assets/Image/logo2018.png]
> 
> Directie Financiën, Infrastructuur en IT
> Afdeling Netwerkbeheer
> Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
> Valentin Vaerwyckweg 1 - 9000 Gent
> +32 9 243 35 23
> www.hogent.be
> 
> 
> 
> Van: The EDUCAUSE Wireless Issues Community Group Listserv 
>  Namens Dom Colangelo
> Verzonden: dinsdag 9 februari 2021 18:26
> Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Onderwerp: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> In my testing I found that networks saved prior to the patch retained the 
> 'Don't validate' option. Forgetting and re-configuring the network eliminated 
> the option.
> 
> [cid:image005.png@01D6FFA9.5BA6C3E0]Dom Colangelo
> Systems Engineer
> Omada Technologies
> Cell: (617)-446-3945
> dcolang...@omadatechnologies.com
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  On Behalf Of Tim Cappalli
> Sent: Tuesday, February 9, 2021 12:15
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> Screenshot?
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  on behalf of Walter Reynolds mailto:wa...@umich.edu>>
> Date: Tuesday, February 9, 2021 at 12:03
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> I have a Pixel 3 that I did a factory restet on.  Next I did all the updates 
> needed and it is running Android 11.  The build number is RQ1A.210205.004 
> which includes the latest security patch for the phone.
> 
> When I go to configure a WPA2 Enterprise network I still have the "Don't 
> validate" option.
> 
> What am I missing here?
> 
> 
> Walter Reynolds
> Network Architect
> Information and Technology Services
> University of Michigan
> (734) 615-9438
> 
> 
> On Sun, Feb 7, 2021 at 3:29 AM Tim Cappalli 
> <0194c9ecac40-dmarc-requ...@listserv.educause.edu>
>  wrote:
> I would not expect Pixel 2 and earlier to receive this update as they are end 
> of support.
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  on behalf of Richie Penuela 
> mailto:richie.penu...@ucf.edu>>
> Sent: Friday, February 5, 2021 09:37
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
> Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021
> 
> 
> Mathieu,
> 
> 
> 
> Currently this is affecting Google Pixel 3 and up that have installed the 
> Android 11 security patch in December. We have Google Pixel 2A w/ Android 11 
> but the last security patch was provided prior to the one in December and we 
> are still to select "Do not validate" option. In conversation with some of 
> our integrators they believe that other Android platforms will follow suit.
> 
> 
> 
> -Respectfully,
> 
> 
> 
> [signature_2043038681]
> 
> Sr. Wireless Engineer
> 
> UCF IT | Telecommunications
> 
> University of Central Florida
> 
> 407.823.4906
> 
> richie.penu...@ucf.edu
> 
> 
> 
> Please note: Florida has a very broad open records law (F.S. 119). Emails may 
> be subject to public disclosure
> 
> 
> 
> 
> 
> From: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
>  on behalf of Mathieu Sturm 
> mailto:mathieu.st...@hogent.be>>
> Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
> Date: Friday, February 5, 2021 at 9:32 AM
> To: 
> "WIRELESS-LAN@LISTSERV.EDUCA

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

2021-02-10 Thread Mathieu Sturm

I've ordered a Pixel 5 and will do some testing as well.
I've been testing with a virtual android 11 on android studio. This virtual 
android 11 also had the option to select "don't validate" option.

I will share my findings once testing has been done.


Mathieu Sturm
Hoofdmedewerker Netwerkbeheer

[https://www.hogent.be/www/assets/Image/logo2018.png]

Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23
www.hogent.be



Van: The EDUCAUSE Wireless Issues Community Group Listserv 
 Namens Dom Colangelo
Verzonden: dinsdag 9 februari 2021 18:26
Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Onderwerp: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

In my testing I found that networks saved prior to the patch retained the 
'Don't validate' option. Forgetting and re-configuring the network eliminated 
the option.

[cid:image005.png@01D6FFA9.5BA6C3E0]Dom Colangelo
Systems Engineer
Omada Technologies
Cell: (617)-446-3945
dcolang...@omadatechnologies.com

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Tuesday, February 9, 2021 12:15
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

Screenshot?

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Walter Reynolds mailto:wa...@umich.edu>>
Date: Tuesday, February 9, 2021 at 12:03
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

I have a Pixel 3 that I did a factory restet on.  Next I did all the updates 
needed and it is running Android 11.  The build number is RQ1A.210205.004 which 
includes the latest security patch for the phone.

When I go to configure a WPA2 Enterprise network I still have the "Don't 
validate" option.

What am I missing here?


Walter Reynolds
Network Architect
Information and Technology Services
University of Michigan
(734) 615-9438


On Sun, Feb 7, 2021 at 3:29 AM Tim Cappalli 
<0194c9ecac40-dmarc-requ...@listserv.educause.edu>
 wrote:
I would not expect Pixel 2 and earlier to receive this update as they are end 
of support.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Richie Penuela 
mailto:richie.penu...@ucf.edu>>
Sent: Friday, February 5, 2021 09:37
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021


Mathieu,



Currently this is affecting Google Pixel 3 and up that have installed the 
Android 11 security patch in December. We have Google Pixel 2A w/ Android 11 
but the last security patch was provided prior to the one in December and we 
are still to select "Do not validate" option. In conversation with some of our 
integrators they believe that other Android platforms will follow suit.



-Respectfully,



[signature_2043038681]

Sr. Wireless Engineer

UCF IT | Telecommunications

University of Central Florida

407.823.4906

richie.penu...@ucf.edu



Please note: Florida has a very broad open records law (F.S. 119). Emails may 
be subject to public disclosure





From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Mathieu Sturm 
mailto:mathieu.st...@hogent.be>>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, February 5, 2021 at 9:32 AM
To: 
"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021



Hello all,



I've been testing with 2 devices (Samsung s10 upgraded to android 11 and 
Samsung s20 also upgraded to android 11).

It seems that I'm still able to select "Do not validate" on these devices.



Is this because these devices were upgraded to android 11 and that the newer 
devices which were released with android 11 don't allow the "Do not validate"?

Or are the pixel phones the only ones?



Regards,



Mathieu



Van: The EDUCAUSE Wireless Issu

RE: Android 11 Manual Profile Configuration Variable

RE: Android 11 Manual Profile Configuration Variable

RE: Android 11 Manual Profile Configuration Variable

RE: Android 11 Manual Profile Configuration Variable

Android 11 Manual Profile Configuration Variable

Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

Re: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

RE: [WIRELESS-LAN] android 11 upcoming changes Feb 15th 2021

10 matches

Site Navigation

Mail list logo

Footer information