15 Mar
2017
15 Mar
'17
6 a.m.
On Wed, Mar 15, 2017 at 09:53:39AM +0100, Bjørn Mork wrote:
In general, you should use self-signed certificates for 802.1x (EAP) authentication. When you list root CAs from other organizations in the "CA_file", you permit them to masquerade as you,
Why is this a concern for EAP, but not for regular web certificates?
to authenticate your users, and to issue client certificates for EAP-TLS.
Agreed, but as we don't use client certificates in our organization, this doesn't apply to us. -- Herman Øie Kolden Trondheim, Norway