I wanted to get access to a similar network which requires authentication via PEAP. Of course, the official documentation wants to push another proprietary app down your throat, so I wanted to do this the right way - manually.
Here's a short story. Feel free to skip the next paragraph if you don't care.
I had IT guys help me manually connect to a network that uses PEAP or some other gimmick. I told them that after having filled in the identity and password I was unable to connect without having selected some option for the certificate. At first they wanted me to pick something like "ignore certificate", which I honestly don't think would make any sense, as then the WiFi wouldn't be encrypted at all. At this point, why wouldn't it just be open? Are the IT folks misinformed/ignorant? Correct me if I'm wrong, please. Upon realizing there was no such option, they asked if they could take my phone and promptly selected "Certificate: Trust On First Use" (TOFU). They didn't care about verifying the SHA256 of the certificate. Like, at all. I even asked them if it's possible to verify it with the official website or some other trusted place, but got completely ignored. When the OS asked if I trust the "WiFi which uses the following info", they just chose "yes, connect" without giving it a second thought. If you ask me, the whole process felt like downloading a random Android app from a semi-random website over HTTP with the "maybe it will be alright this time" attitude. Given that, I do not feel comfortable using this WiFi.
Now, I have the following questions:
- Is the certificate that has been trusted upon connecting to the WiFi network used strictly only for connecting to it?
- Does it open up additional attack surface of any kind, for example in a manner that would be similar to having an imported CA in GOS' settings?
- Should I even worry about it?
TL;DR: My device has trusted a random WiFi certificate on first use and I'm not sure if there are any consequences to it.
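For readers comparing the "ignore certificate" and TOFU options the post describes with a properly pinned setup, here is an added example of two wpa_supplicant network blocks for the same PEAP network; it is not from the post or from any vendor documentation, and the SSID, identity, CA file path and RADIUS server hostname are assumed placeholders. With PEAP, the inner MSCHAPv2 exchange always runs inside a TLS tunnel, so the link is not sent in the clear either way; what server-certificate validation decides is whether the tunnel is guaranteed to terminate at the organisation's RADIUS server, or at whatever access point answers to that SSID.

```ini
# Constructed example: wpa_supplicant.conf fragments for one PEAP/MSCHAPv2 network.
# All names and paths below are placeholders, not values from the post.

# --- Weak: equivalent of "ignore certificate" --------------------------------
# No ca_cert and no domain_match, so any RADIUS server presenting any
# certificate is accepted. The TLS tunnel still encrypts the MSCHAPv2
# handshake, but it may be a rogue access point on the other end.
network={
    ssid="CampusNet"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jdoe"
    anonymous_identity="anonymous"
    password="correct horse battery staple"
    phase2="auth=MSCHAPV2"
}

# --- Pinned: validate the server before sending credentials ------------------
# ca_cert restricts trust to the issuing CA supplied out of band (e.g. from the
# organisation's website), and domain_match requires the server certificate's
# subject/SAN to equal that exact hostname, so a certificate from the same CA
# for a different host is still rejected. This is the "verify the certificate"
# step the post asked for, expressed as configuration.
network={
    ssid="CampusNet"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jdoe"
    anonymous_identity="anonymous"
    password="correct horse battery staple"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/campus-radius-ca.pem"
    domain_match="radius.campus.example"
}
```

The CA file in the pinned block is trusted only for this network block's EAP exchange; wpa_supplicant does not add it to the system certificate store, which is the distinction between a per-network trust anchor and a CA imported into the OS settings.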