10 Jan
2008
10 Jan
'08
8:53 a.m.
Hi,
RADIUS certificates for EAP should ALMOST ALWAYS be self-signed. That means that no one else can successfully convince the users to send them the passwords.
seconded/thirded. as UK eduroam support I agree that such a closed-loop system provides a better protection. though more config and deployment pains, certainly ;-) alan