OLD | NEW |
1 # Open Network Configuration | 1 # Open Network Configuration |
2 | 2 |
3 [TOC] | 3 [TOC] |
4 | 4 |
5 ## Objective | 5 ## Objective |
6 | 6 |
7 We would like to create a simple, open, but complete format to describe | 7 We would like to create a simple, open, but complete format to describe |
8 multiple network configurations for WiFi, Ethernet, Cellular, | 8 multiple network configurations for WiFi, Ethernet, Cellular, |
9 Bluetooth/WiFi-Direct, and VPN connections in a single file format, in order | 9 Bluetooth/WiFi-Direct, and VPN connections in a single file format, in order |
10 to simplify and automate network configuration for users. | 10 to simplify and automate network configuration for users. |
(...skipping 1024 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1035 | 1035 |
1036 * **ClientCertPattern** | 1036 * **ClientCertPattern** |
1037 * (required if **ClientCertType** is *Pattern*, otherwise ignored) - | 1037 * (required if **ClientCertType** is *Pattern*, otherwise ignored) - |
1038 [CertificatePattern](#CertificatePattern-type) | 1038 [CertificatePattern](#CertificatePattern-type) |
1039 * Pattern to use to find the client certificate. | 1039 * Pattern to use to find the client certificate. |
1040 | 1040 |
1041 * **ClientCertRef** | 1041 * **ClientCertRef** |
1042 * (required if **ClientCertType** is *Ref*, otherwise ignored) - **string** | 1042 * (required if **ClientCertType** is *Ref*, otherwise ignored) - **string** |
1043 * Reference to client certificate stored in certificate section. | 1043 * Reference to client certificate stored in certificate section. |
1044 | 1044 |
| 1045 * **ClientCertPKCS11Id** |
| 1046 * (required if **ClientCertType** is *PKCS11Id*, otherwise ignored) - |
| 1047 * PKCS#11 identifier in the format slot:key_id. |
| 1048 |
1045 * **ClientCertType** | 1049 * **ClientCertType** |
1046 * (optional) **string** | 1050 * (optional) - **string** |
1047 `Allowed values are` *Ref*, and *Pattern*. | 1051 * `Allowed values are` *Ref*, *Pattern*, *PKCS11Id* and *None*. |
| 1052 * *Ref* and *Pattern* indicate that the associated property should be used |
| 1053 to identify the client certificate. |
| 1054 * *PKCS11Id* is used when representing a certificate in a local store and is |
| 1055 only valid when describing a local configuration. |
| 1056 * *None* indicates that the server is configured to not require client |
| 1057 certificates. |
1048 | 1058 |
1049 * **Identity** | 1059 * **Identity** |
1050 * (optional) - **string** | 1060 * (optional) - **string** |
1051 * Identity of user. For tunneling outer protocols | 1061 * Identity of user. For tunneling outer protocols |
1052 (*PEAP*, *EAP-TTLS*, and | 1062 (*PEAP*, *EAP-TTLS*, and |
1053 *EAP-FAST*), this is used to authenticate inside | 1063 *EAP-FAST*), this is used to authenticate inside |
1054 the tunnel, and **AnonymousIdentity** is used for | 1064 the tunnel, and **AnonymousIdentity** is used for |
1055 the EAP identity outside the tunnel. For non-tunneling outer protocols, | 1065 the EAP identity outside the tunnel. For non-tunneling outer protocols, |
1056 this is used for the EAP identity. This value is subject to string | 1066 this is used for the EAP identity. This value is subject to string |
1057 expansions. | 1067 expansions. |
(...skipping 754 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1812 is transmitted or saved to disk should be secure. On client device, when | 1822 is transmitted or saved to disk should be secure. On client device, when |
1813 user names for connections that are user-specific are persisted to disk, | 1823 user names for connections that are user-specific are persisted to disk, |
1814 they should be stored in a location that is encrypted. Users can also opt in | 1824 they should be stored in a location that is encrypted. Users can also opt in |
1815 these cases to not save their user credentials in the config file and will | 1825 these cases to not save their user credentials in the config file and will |
1816 instead be prompted when they are needed. | 1826 instead be prompted when they are needed. |
1817 | 1827 |
1818 ## Authors | 1828 ## Authors |
1819 | 1829 |
1820 * pneubeck@chromium.org | 1830 * pneubeck@chromium.org |
1821 * stevenjb@chromium.org | 1831 * stevenjb@chromium.org |
OLD | NEW |