On Fri, Oct 26, 2001 at 01:55:08PM +0100, Joyce, Matthew wrote:
> Now what about "evil twin" access points doing man-in-the-middle - snatch=
> the SecurId and reusing it to authenticate to the real access point within
> the 60 second SecurID rollover. Does the station authenticate the access
> point or the ACS server?
The station authenticates the ACS server, and the ACS server authenticates
the access point via the shared secret.
| | Jim Veneskey
:|: :|: Software Test Engineer
:|||: :|||: 320 Springside Drive Suite 350, Akron OH 44333
=2E:|||||||:..:|||||||:. Email: jvene@...