20 Oct
2008
20 Oct
'08
4:47 a.m.
On Sun, Oct 19, 2008 at 12:49:30PM -0500, Danny Paul wrote:
This is impossible. It is *designed* to be impossible. If it was possible, malicious networks could tell users that "authentication succeeded", and then attack the users.
I'm not sure you grasped what I was after - imagine a 802.1x wired switch, supplicants and RADIUS server configured for EAP-TLS. This works fine until the clumsy network administrator forgets to renew the certificates for each of his supplicants and they all expire on the same day. On that particular day, instead of spending hours getting new
Set the clock on your server backwards.