12 May
2006
12 May
'06
9:13 a.m.
Michal Prochazka wrote:
I don't agree with you. Freeradius checks that the certificate is issued by one of the CA defined in config of EAP-TLS. And then this script compare the subject, you cannot forged it. And of course this patch can be easily enhanced to export sha1/md5 signatures. Oh, I've missed your point, sorry. This patch is against using some (for example, e-mail signing) certificate (issued by proper CA!) as wireless client's one, am I right on second try? :)
-- // Lev Serebryakov