Opened 3 years ago

Closed 3 years ago

Last modified 5 weeks ago

#849 closed defect (worksforme)

ietf-a.1x Certificiate

Reported by: Stephen.Botzko@… Owned by: chelliot@…
Priority: tbd Milestone: ietf-090
Component: wireless Keywords:
Cc: My Current Location:
My MAC Address: My OS:

Description

As requested by Jari I tried it.

I received a security warning:
"Radius Server:           services.meeting.ietf.org
Root CA:                    Starfield Class 2 Certification Authority

The server "services.meeting.ietf.org" presented a valid certificate issued by "Starfield Class 2 Certification Authority", but "Starfield Class 2 Certification Authority" is not configured as a valid trust anchor for this profile."

Clicking through the security warning resulting in an "unable to connect" message from Windows.  OS is windows 7.

Stephen Botzko

Change history (3)

comment:1 in reply to:  description Changed 3 years ago by llynch@…

Component: incomingwireless
Owner: changed from llynch@… to chelliot@…
Status: newassigned
Type: requestdefect

Replying to Stephen.Botzko@…:

As requested by Jari I tried it.

I received a security warning:
"Radius Server:           services.meeting.ietf.org
Root CA:                    Starfield Class 2 Certification Authority

The server "services.meeting.ietf.org" presented a valid certificate issued by "Starfield Class 2 Certification Authority", but "Starfield Class 2 Certification Authority" is not configured as a valid trust anchor for this profile."

Clicking through the security warning resulting in an "unable to connect" message from Windows.  OS is windows 7.

Stephen Botzko

Assigning to Chris but may need to be re-assigned.

comment:2 Changed 3 years ago by Bill Fenner

Resolution: worksforme
Status: assignedclosed

Brian Carpenter reported this on the mailing list:

https://www.ietf.org/mail-archive/web/ietf/current/msg88796.html

and the reply (https://www.ietf.org/mail-archive/web/ietf/current/msg88803.html) pointed out that the IETF90 network documentation says:

To use 802.1X:

Associate to SSID: ietf.1x OR ietf-a.1x
Use TTLS or PEAP/MSCHAPv2
Do Not Verify Server Cert and we won't verify yours :)

So, while this may be a topic of discussion for the list, it is documented behavior.

comment:3 Changed 5 weeks ago by Rick Alfvin

Milestone: ietf-90ietf-090

Milestone renamed

Note: See TracTickets for help on using tickets.