-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 14:19 -0400 09/22/2006, Stan Brooks wrote: >The only issue we've had is that even with Verisign signed >cert on each RADIUS server, we still have to manually accept the cert >(only once) the first time the client authenticates.
I think this is a good security measure. If a rogue AP & RADIUS server come up with a valid CA-signed cert, you wouldn't want the computers to accept it without any kind of chance to inspect it. Now, granted, in practical terms, the users will probably accept any cert that's presented.....but we try to make an effort in our documentation to tell them to check the cert. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBRRQscA5UB5zJHgFjEQIdEgCgs0CiI2oW5gmjnL8YQTTDzdY7X+sAoKKo hZlIBGGwMDSsyKP3PS9KG3e7 =M6eH -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:[EMAIL PROTECTED]> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.