Multiple realms and network validation with WPA2 Enterprise
Stefan Paetow
Stefan.Paetow at jisc.ac.uk
Fri Dec 23 22:46:27 CET 2016
>How would that be different from using a proper CA signed cert which we
>already have ?
The difference is that *you* control the CA, not some third party. You
want to ensure that your clients only trust *your* CA infrastructure. :-)
With a third-party CA, you're beholden to their security requirements (or
failures for that matter - look online about the Diginotar incident,
you'll get the drift).
With Regards
Stefan Paetow
Moonshot Industry & Research Liaison Coordinator
t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.
>
More information about the Freeradius-Users
mailing list