I think this is a good clarification.
-Original Message-
From: Bernard Aboba [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 06, 2007 2:21 PM
To: emu@ietf.org
Subject: RE: [Emu] Proposed Resolution to multiple Peer-Id/Server-Id
Issue
Also, it has been pointed out that the purpose of
Your right, there can be only one distinguished name.
However there are also cases where there are more than one
subjectAltName may be present with a empty DN also; I don't think
mandating a DN is a good idea since 3280 doesn't do that.
Ryan
-Original Message-
From: Joseph Salowey
Yes that time is correct, 3:00 PM PST.
From: Glen Zorn (gwz) [mailto:[EMAIL PROTECTED]
Sent: Saturday, April 07, 2007 12:15 AM
To: Ryan Hurst
Cc: emu@ietf.org; [EMAIL PROTECTED]
Subject: RE: [Emu] Talk on Windows EAP implementation...
I thought folks on these two lists might be interested
I thought folks on these two lists might be interested in this,
Microsoft will be having a web chat next week discussing its EAP
platform if you want to know more about our implementation and how you
can integrate with it this is probably a interesting talk.
See:
Yup, specifically 3280 says that a issuer, as represented by its DN will
guarantee unique serial numbers within its scope and issue within its
scope non-ambiguous subject DNs (e.g. no dupes).
-Original Message-
From: Sam Hartman [mailto:[EMAIL PROTECTED]
Sent: Friday, April 06, 2007 1:14
I can easily see how crypto-binding could be added to the protocol
without breaking backwards compatibility, eg how negotiation via
TTLSv0's extensibility model could add this in as a optional operation
that the client and server agree upon.
In general I think having a standards based,
Sounds like a good compromise.
From: Bernard Aboba [mailto:[EMAIL PROTECTED]
Sent: Tue 2/20/2007 9:53 PM
To: Ryan Hurst; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
The subject field identifies the entity associated
in-line
From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
Sent: Tue 2/20/2007 8:54 PM
To: Ryan Hurst; Bernard Aboba; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
If subject naming information is present only
in-line
From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
Sent: Wed 2/21/2007 9:04 AM
To: Ryan Hurst; Bernard Aboba; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
If subject naming information is present only
[Joe] I don't see any more confusion over having
multiple serial numbers than having multiples of any other attribute.
[rmh] The point I have been failing to make is that
these other ids are not expected to match a explicit entity, they are
really not much more
In-line
-Original Message-
From: Bernard Aboba [mailto:[EMAIL PROTECTED]
Sent: Monday, February 19, 2007 10:03 PM
To: emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
From the discussion it seems that if OCSP is a SHOULD implement, then
we
need a MUST for
In-line
-Original Message-
From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
Sent: Friday, February 16, 2007 10:42 AM
To: Ryan Hurst; Ray Bell; Bernard Aboba; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
-Original Message-
From: Ryan Hurst
-Original Message-
From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 14, 2007 5:53 PM
To: Ryan Hurst; Bernard Aboba; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
Hi Ryan,
Looks pretty good, two comments inline below.
Joe
Hi Joe, even more comments in-line:
-Original Message-
From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 14, 2007 7:38 AM
To: Ryan Hurst; emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
Comments inline below.
-Original
I will do this before I go home today.
-Original Message-
From: Bernard Aboba [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 14, 2007 12:27 PM
To: emu@ietf.org
Subject: RE: [Emu] RE: draft-simon-emu-rfc2716bis-07.txt
If possible, I'd like to include text arising from this thread in
, peer
implementations SHOULD also support checking for certificate
revocation after authentication completes and network connectivity
is available, and SHOULD utilize this capability.
-Original Message-
From: Ryan Hurst [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 14, 2007
16 matches
Mail list logo