dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4
share rss forum feed


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
reply to cramer

Re: Fair warning! 3rd party purchase of U-verse IPDSLAM modem

The CA is public knowledge. You can distribute it anywhere without any loss in security. Presumably the modem has other identifying certs or serial numbers that are used during the 802.1x authentication process.

Even without that, you said it yourself. Authentication is mainly handled at the physical level by deactivating the port at the CO. The rest is just to keep unauthorized modems (not users) off the network.
--
University of Southern California - Fight On!

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
said by Thinkdiff:

The CA is public knowledge.

CA (Certificate Authority)... yes, the public key is public, but it's only used to verify a signed certificate. Either the CA signing certificate (a closely guarded secret) or the device's authenticating certificate (signed by the CA, the same on every device) has expired. The authentication cert is NOT public knowledge. AT&T is not going to put it anywhere it can be easily extracted. (aside from the device that uses it. and even there, it's not easy.) If they were actually turning ports on and off, they wouldn't need this mess.

It's rather a moot point as there's currently no market for VDSL modems.