New activity for FreeRADIUS (the high performance and highly configurable RADIUS server) ====== gpgsig -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEE8n1lTTL4FC4LtEWpfQ55zXdiHs0FAlxQSgMACgkQfQ55zXdi Hs1lpwf+PefU7aQ5BWIDLE0VU390wpquW9X4X621iZT+mqm/Y8T/9AWOOnfK6MHa mtj8TFlEq3oLoqFDnKIxAX3obtP24Bm2XCwyZrLylOhZuMsQhtVaxaIovVpE07E3 tmaZjfhTnTslJC7HFfz4EbQGlRSWGXqX0NChN6Ych9RTJuwgktrTeoooXObD02Cd KOBWOyrz9EziHXHo2+Poj9EgKinlJRDYCoAyekO+GnPtxs1e7pbfJ4vfvq/3CfiM 8QevaZTkiY+wjRRs0Rna0GYMK4d/GfzzkEkdkRCQB6HlEJu8nbec/GGHFHBlsK9n GsVa8OyHe9iSdX4s6pjoeGZBfcQVtQ== =QPb1 -----END PGP SIGNATURE----- more notes Alan T. DeKok@2019-01-29T12:41:36Z Files modified: * raddb/mods-available/eap Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/378fe3430d4d5f8d953d0... ====== gpgsig -----BEGIN PGP SIGNATURE----- wsBcBAABCAAQBQJcUEhTCRBK7hj4Ov3rIwAAdHIIAGYOU8kPLxNE2Y/Zvsu7ixig a35HI2qxy8xB4r1E9mm3ZAfLLwEzsWk3oi6DEV15Q2ymcl7nLrEtPXVY/EExIeNb CKsSSXqRnwEvzVVRh1jFNrxB5MBIy5MdxHPrXQuqgRiwp/Q1Hubh3ZMilGCJBpOn U9ThepPg2eKc7TFlc8kylZsnrC671IhdLi4fmFt9OBsz7LmFrrplntHsJRrZGcTu 2qqVdOjMPX6HUioFY29jLG/GZ50mgLML/1CwjxBcTdjLbm/8+3iGlPOR+scq8D8J oOSmpbuV6ufxmkBXpq4ORZrr4G0NTq4af7pQTyNBdgz9UjTYOnwCei5ZeBWaA0A= =4iWb -----END PGP SIGNATURE----- Merge pull request #2439 from restena-sw/patch-1 clarify which CA certs to include when using certificate_file without ca_file Alan DeKok (via GitHub)@2019-01-29T12:34:27Z Files modified: * raddb/mods-available/eap Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/00bc901d1ad8970105bdb... ====== gpgsig -----BEGIN PGP SIGNATURE----- wsBcBAABCAAQBQJcUEZ5CRBK7hj4Ov3rIwAAdHIIAE2LHmQx817rM5Si5odeBena frkau2Yz3cY4Rc0tHIRfxPLQb4LmNtKxnVKzzL53m8uBkLilB0h3hQyD2cT5NgCb UqpYmLjwBXHT9rf1NhmL+JZ2pMB2Y7pjWWuOk+yZmjDVOWMiNYTwT7351/AGNQwJ Afmjfzdp2HbvY+qJhUGg9aT3n1p/kXaEfh565E/Yki5RdkFHveRjMtmMrBsujvRD 4ZP1MieKSeLxvxsAERhHPI2LvghZXvdM/H+3scGHFn1r0lFUStiXGB0TXVVmGzF+ pHXvlyL1a/p7IIfLj+Pcju/5A/GDECSspae4yrs4qLydvQaS8QmuUKQIZs0ntD8= =Op6h -----END PGP SIGNATURE----- clarify which CA certs to include when using certificate_file without ca_file Sending the root serves no useful purpose; the client has this root CA installed and verifies against that trust base, or it doesn't. No amount of sending it as part of the untrusted cert data will make the root CA any more or less trusted. The previous wording was confusing for eduroam admins and consequently we see many who send a superfluous *root* certificate with their server cert. This typically costs another 1-2 roundtrips for no real purpose. The new wording is more explicit that *intermediate* CAs are a good idea, but no root. Stefan Winter (via GitHub)@2019-01-29T12:26:33Z Files modified: * raddb/mods-available/eap Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/c9645862edd634f81fa5e... ====== -- This commit summary was generated @2019-01-30T00:00:02Z by lgfeed version 0.00 (https://github.com/arr2036/lgfeed).