Re: signed server certs

2011-03-07 Thread Bjørn Mork
John Dennis writes: > So why does this group think PKI doesn't work? PKI works. gnupg is an example of that. SSL doesn't work. Faulty design: Single trust anchor, black or white trust only, and large commercial interests are all reasons for that. Bjørn

Re: signed server certs

2011-03-07 Thread James J J Hooper
On 07/03/2011 22:18, Arran Cudbard-Bell wrote: On Mar 7, 2011, at 4:05 PM, James J J Hooper wrote: On 07/03/2011 21:42, John Dennis wrote: I changed "default_eap_type=md5" to "default_eap_type=ttls" and now the Macs are able to authenticate without Certs or any configuration on their side!!

Re: signed server certs

2011-03-07 Thread Arran Cudbard-Bell
On Mar 7, 2011, at 4:05 PM, James J J Hooper wrote: > On 07/03/2011 21:42, John Dennis wrote: I changed "default_eap_type=md5" to "default_eap_type=ttls" and now the Macs are able to authenticate without Certs or any configuration on their side!! >>> >>> ...remember though that wo

Re: signed server certs (was: Freeradius2 and OSX clients no TLS)

2011-03-07 Thread Arran Cudbard-Bell
On Mar 7, 2011, at 4:03 PM, Arran Cudbard-Bell wrote: > > On Mar 7, 2011, at 3:57 PM, Alan Buxey wrote: > >> Hi, >> >>> 1) It validates the server cert to assure it's signed by a CA it trusts >>> (possibly via a cert chain). >>> >>> 2) It then validates the certificate subject to make sure t

Re: signed server certs

2011-03-07 Thread James J J Hooper
On 07/03/2011 21:42, John Dennis wrote: I changed "default_eap_type=md5" to "default_eap_type=ttls" and now the Macs are able to authenticate without Certs or any configuration on their side!! ...remember though that working != secure [necessarily]. Clients defaulting to accept any radius serve

Re: signed server certs (was: Freeradius2 and OSX clients no TLS)

2011-03-07 Thread Arran Cudbard-Bell
On Mar 7, 2011, at 3:57 PM, Alan Buxey wrote: > Hi, > >> 1) It validates the server cert to assure it's signed by a CA it trusts >> (possibly via a cert chain). >> >> 2) It then validates the certificate subject to make sure the server it >> thought it was connecting to appears in the certifi

Re: signed server certs (was: Freeradius2 and OSX clients no TLS)

2011-03-07 Thread Alan Buxey
Hi, > 1) It validates the server cert to assure it's signed by a CA it trusts > (possibly via a cert chain). > > 2) It then validates the certificate subject to make sure the server it > thought it was connecting to appears in the certificate (either as the > certificate subject or one of the

signed server certs (was: Freeradius2 and OSX clients no TLS)

2011-03-07 Thread John Dennis
I changed "default_eap_type=md5" to "default_eap_type=ttls" and now the Macs are able to authenticate without Certs or any configuration on their side!! ...remember though that working != secure [necessarily]. Clients defaulting to accept any radius server cert, or those that default to prompt