Cert validation on Android platforms

Brian Julin BJulin at clarku.edu
Mon Oct 13 22:52:45 CEST 2014


Some ore inside baseball:

http://slashdot.org/comments.pl?sid=5725587&cid=47941819

Whether the "Android for Work" will produce something usable outside of
a not-really-BYOD enterprise environment where users will consent to
drastic changes to their systems remains to be seen.

I also wrote the lead wpa_supplicant developer a long email about the
current progress of .11u support which unfortunately puts yet another
wrinkle into this mess since  this option does not appear in the proper
place in the configuration to be attached to an SSID-independant consortium ID.

Also not confident that the ability to configure wpa_supplicant via a file
dropped into the unprotected data directory will remain as is, since that's
not the mist secure way to do things.



________________________________________
From: freeradius-users-bounces+bjulin=clarku.edu at lists.freeradius.org [freeradius-users-bounces+bjulin=clarku.edu at lists.freeradius.org] on behalf of Arran Cudbard-Bell [a.cudbardb at freeradius.org]
Sent: Monday, October 13, 2014 4:36 PM
To: FreeRadius users mailing list
Subject: Cert validation on Android platforms

I know a lot of people on here run WPA2-Enterprise and may be surprised to hear
that it is currently not possible to configure the supplicant on Android devices
to validate the CN in cert presented by the server.

Maybe someone could poke the correct person at google and get this fixed:

        https://code.google.com/p/android/issues/detail?id=37178

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2



More information about the Freeradius-Users mailing list