RE: [Emu] Proposed Resolution to multiple Peer-Id/Server-Id Issue

2007-06-06 Thread Ryan Hurst
I think this is a good clarification. -Original Message- From: Bernard Aboba [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 06, 2007 2:21 PM To: emu@ietf.org Subject: RE: [Emu] Proposed Resolution to multiple Peer-Id/Server-Id Issue Also, it has been pointed out that the purpose of

RE: [Emu] Proposed Resolution to multiple Peer-Id/Server-Id Issue

2007-06-06 Thread Ryan Hurst
Your right, there can be only one distinguished name. However there are also cases where there are more than one subjectAltName may be present with a empty DN also; I don't think mandating a DN is a good idea since 3280 doesn't do that. Ryan -Original Message- From: Joseph Salowey

RE: [Emu] Talk on Windows EAP implementation...

2007-04-09 Thread Ryan Hurst
Yes that time is correct, 3:00 PM PST. From: Glen Zorn (gwz) [mailto:[EMAIL PROTECTED] Sent: Saturday, April 07, 2007 12:15 AM To: Ryan Hurst Cc: emu@ietf.org; [EMAIL PROTECTED] Subject: RE: [Emu] Talk on Windows EAP implementation... I thought folks on these two lists might be interested

[Emu] Talk on Windows EAP implementation...

2007-04-06 Thread Ryan Hurst
I thought folks on these two lists might be interested in this, Microsoft will be having a web chat next week discussing its EAP platform if you want to know more about our implementation and how you can integrate with it this is probably a interesting talk. See:

RE: [Emu] Re: Last call comments:draft-williams-on-channel-binding-01.txt: EAP channel bindings

2007-04-06 Thread Ryan Hurst
Yup, specifically 3280 says that a issuer, as represented by its DN will guarantee unique serial numbers within its scope and issue within its scope non-ambiguous subject DNs (e.g. no dupes). -Original Message- From: Sam Hartman [mailto:[EMAIL PROTECTED] Sent: Friday, April 06, 2007 1:14

RE: [Emu] Thoughts on Password-based EAP Methods

2007-04-03 Thread Ryan Hurst
I can easily see how crypto-binding could be added to the protocol without breaking backwards compatibility, eg how negotiation via TTLSv0's extensibility model could add this in as a optional operation that the client and server agree upon. In general I think having a standards based,

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-21 Thread Ryan Hurst
Sounds like a good compromise. From: Bernard Aboba [mailto:[EMAIL PROTECTED] Sent: Tue 2/20/2007 9:53 PM To: Ryan Hurst; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt The subject field identifies the entity associated

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-21 Thread Ryan Hurst
in-line From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] Sent: Tue 2/20/2007 8:54 PM To: Ryan Hurst; Bernard Aboba; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt If subject naming information is present only

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-21 Thread Ryan Hurst
in-line From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] Sent: Wed 2/21/2007 9:04 AM To: Ryan Hurst; Bernard Aboba; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt If subject naming information is present only

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-21 Thread Ryan Hurst
[Joe] I don't see any more confusion over having multiple serial numbers than having multiples of any other attribute. [rmh] The point I have been failing to make is that these other ids are not expected to match a explicit entity, they are really not much more

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-20 Thread Ryan Hurst
In-line -Original Message- From: Bernard Aboba [mailto:[EMAIL PROTECTED] Sent: Monday, February 19, 2007 10:03 PM To: emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt From the discussion it seems that if OCSP is a SHOULD implement, then we need a MUST for

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-16 Thread Ryan Hurst
In-line -Original Message- From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] Sent: Friday, February 16, 2007 10:42 AM To: Ryan Hurst; Ray Bell; Bernard Aboba; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt -Original Message- From: Ryan Hurst

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-16 Thread Ryan Hurst
-Original Message- From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 14, 2007 5:53 PM To: Ryan Hurst; Bernard Aboba; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt Hi Ryan, Looks pretty good, two comments inline below. Joe

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-14 Thread Ryan Hurst
Hi Joe, even more comments in-line: -Original Message- From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 14, 2007 7:38 AM To: Ryan Hurst; emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt Comments inline below. -Original

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-14 Thread Ryan Hurst
I will do this before I go home today. -Original Message- From: Bernard Aboba [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 14, 2007 12:27 PM To: emu@ietf.org Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt If possible, I'd like to include text arising from this thread in

RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt

2007-02-14 Thread Ryan Hurst
, peer implementations SHOULD also support checking for certificate revocation after authentication completes and network connectivity is available, and SHOULD utilize this capability. -Original Message- From: Ryan Hurst [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 14, 2007