ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Security for the IETF wireless network

2014-07-25 10:32:59
from [Stefan Winter] [Permanent Link] 
Hi,



Sorry, I assumed that this was just an annoying dialog and there was a
checkbox for "do it anyway".  We will have to find a way to manage the
usability on Windows, whether that means "buy a cert from someone who
is in Microsoft's default trust list too" or "provide instructions for
Windows users" or what.



A common misunderstanding. There *is no* default trust list for IEEE
802.1X purposes. Even on Microsoft, you have to tick the checkbox on the
one CA you trust for this connection. Due to that, whether you paid for
a commercial CA's cert or just created a self-signed one doesn't matter;
self-signed simply adds the extra step of importing the CA in the first
place. Both need the user to TheRightThing(tm).

The instruction can be "use this .exe that we provide, it will push the
right knobs for you." That's why I mentioned my website which gives you
such installers.

Stefan

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SIGCOMM and IETF work RE: v6 adoption, Mark Allman
Next by Date:  Re: Security for the IETF wireless network, Stefan Winter
Previous by Thread:  Re: Security for the IETF wireless network, Bill Fenner
Next by Thread:  Re: Security for the IETF wireless network, Stefan Winter
Indexes:  [Date] [Thread] [Top] [All Lists]