[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-bugs-dist
Subject: [Bug 276378] New: 802.1X GUI doesn't allow to specify the server name
From: Stefan Winter <swinter () kde ! org>
Date: 2011-06-24 7:15:58
Message-ID: bug-276378-17878 () http ! bugs ! kde ! org/
[Download RAW message or body]
https://bugs.kde.org/show_bug.cgi?id=276378
Summary: 802.1X GUI doesn't allow to specify the server name
Product: knetworkmanager
Version: 0.9
Platform: openSUSE RPMs
OS/Version: Linux
Status: NEW
Severity: wishlist
Priority: NOR
Component: 802.1x
AssignedTo: wstephenson@kde.org
ReportedBy: swinter@kde.org
Version: 0.9 (using KDE 4.6.0)
OS: Linux
The KNetworkManager GUI allows to specify many parameters to IEEE 802.1X
security, but not the server name validation (CN).
This is almost trivial to add, as it is perfectly possible to specify this
parameter in wpa_supplicant.conf. It is
network={
...
subject_match=thename
}
Being able to specify the exact expected server name is an important security
property if *not* using self-signed certificates or private CAs.
I'm an R&D engineer in a major 802.1X-based roaming consortium
(www.eduroam.org) and a fan/former developer of KDE; and the lack of this
feature has always been a bit of a grief for me. Would be nice if this could be
changed in the future.
(Somewhat unrelated to this bug: we are working on scripted installers for
eduroam on many platforms - is there a command-line API to inject new configs
into KNetworkManager? Or would I have to try and play directly with
$KDEHOME/share/config/knetworkmanagerrc ? )
Reproducible: Always
--
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic