Stefan Puch wrote on 01.02.2008 09:57: > @Reimer Karlsen-Masur >> If the "Microsoft Smartcard Logon" extendedKeyUsage *is part* of your client >> certificates you could work around this by disabling the trust setting of >> valid certificate usage "Microsoft Smartcard Logon" in the CAs properties in >> Windows build-in certificate store on the PDA. > As the "Microsoft Smartcard Logon" extendedKeyUsage *is NOT part* of the client > certificates there should be no problem. Something different seems to be not > correct. > > Did you get a PDA using Windows Mobile working with EAP-TLS with Windows > build-in supplicant and freeradius? I am afraid, we do not have a Win Mob PDA to test things available. Problems with the non-repudiation keyUsage occured with a SymbianOS based PDA. -- Beste Gruesse / Kind Regards Reimer Karlsen-Masur DFN-PKI FAQ: https://www.pki.dfn.de/faqpki 15 Jahre DFN-CERT + 15. DFN-Workshop "Sicherheit in vernetzten Systemen" am 13./14. Februar 2008 im CCH Hamburg - https://www.dfn-cert.de/ws2008/ -- Dipl.-Inform. Reimer Karlsen-Masur (PKI Team), Phone +49 40 808077-615 DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555 Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737 Sachsenstr. 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature