thats the point . this is the only thing dude i wanted you and all members to know
suppose you opened 192.168.1.1 and luci username and password page come . This is where you need to be aware , how will you confirm that its your luci and not other router ( a honeypot ) or not MITM
and yes its not openwrt specific , but we can save our community users from this
Physically plug into the router while all its other interfaces are disconnected/disabled (this is how you setup a router in most cases, especially commercial ones)
If another device was spoofing 192.168.1.1, you would fail to get Internet
Verify ARP MAC matches serial of router you purchased
This is a chicken-and-the-egg theory
the devices needs Internet to install the LuCI SSL package
you have not even mentioned that yet
most importantly the router has to be configured first
(Also, what does this have to do with a certificate? Certs are issued to domain names...)
LOL...
Save them from configuring their own routers!?!?
Save them from breaking-and-entering their neighbor's house to plug into their router "accidentally"!?!?
thats because i manage around 3200 openwrt access points all across the world and client gets angry if i dont do my research and always ask them to insert cable
more over i cannot compromise with their security too
i have joined the community and will always be fair with them , i will give whatever required let the need come
right now every one is happy with alternatives
let all realise the need , i am happy that yesterday this didnt happen
I got my first solution accepted and the user itself denied alternative even before i reacted well about the alternative
If this is your opinion, I would advice you to stop posting and responding to people.
A lot of people are beginning to get agitated that you are harboring some secret way to secure routers and configure multiple multiple vendor equipment with OpenWrt; and you always fail to follow through and share.
You obviously claim you have an alternative (you even claim to have invested in Research and Development now). So it seems quite silly to keep reminding people when they ask you to explain.
you detective its very much obvious that i wrote that post for @nemisis only , because he accepted what openwisp currently misses and perfectly answered my public posts