I believe this is accurate. Is there a particular ambiguity this is clearing up?
Thanks, Joe > -----Original Message----- > From: Bernard Aboba [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 06, 2007 2:21 PM > To: [email protected] > Subject: RE: [Emu] Proposed Resolution to multiple > Peer-Id/Server-Id Issue > > > Also, it has been pointed out that the purpose of the > Peer-Id/Server-Id may not be fully explained, so that the > following sentence may also need to be added to Section 5.2: > > "Together the Peer-Id and Server-Id name the entities > involved in deriving the MSK/EMSK. " > > > > ________________________________ > > From: [EMAIL PROTECTED] > > To: [email protected] > > Date: Tue, 5 Jun 2007 22:04:56 -0700 > > Subject: [Emu] Proposed Resolution to multiple > Peer-Id/Server-Id Issue > > > > It has been pointed out that an EAP-TLS certificate can > contain multiple subject or subjectAltName fields. > > To address this, I propose that we add the following text > to Section 5.2: > > It is possible for more than one subjectAltName field to be > present in > > a peer or server certificate. Where more than one subjectAltName > > field is present in a certificate, EAP-TLS implementations SHOULD > > export all the subjectAltName fields within Peer-Ids or Server-Ids; > > all of the exported Peer-Ids and Server-Ids are considered valid. > > Similarly, if more than one subject field is present in a peer or > > server certificate, and no subjectAltName field is present, then > > EAP-TLS implementations SHOULD export all of the subject fields > > within Peer-Ids and Server-Ids; all of the exported Peer-Ids and > > Server-Ids are considered valid. > > _______________________________________________ > Emu mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/emu > _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
