Re: [Emu] Idea: New X509 Extension for securing EAP-TLS

2019-11-20 Thread Alan DeKok
On Nov 20, 2019, at 9:58 AM, Dan Harkins wrote:
>> The use-case of the document is that an individual is issued a client
>> certificate. That certificate contains an OID about the expected use-case
>> (EAPoL), and also a list of SSIDs used to perform EAP. When a client system
>> is

Re: [Emu] Idea: New X509 Extension for securing EAP-TLS

2019-11-20 Thread Dan Harkins
On 11/20/19 4:11 AM, Alan DeKok wrote: On Nov 20, 2019, at 5:23 AM, Dan Harkins wrote: I am asking for ambiguous data to be certified and placed in my certificate for my own use? If this attribute is in a certificate I receive then what does it mean to "select the correct certificate for

Re: [Emu] Best practices for supplicants and authenticators

2019-11-20 Thread Alan DeKok
On Nov 19, 2019, at 10:40 PM, Owen Friel (ofriel) wrote:
>
> Assuming that NAIRealm is a registered domain as per RFC 7542, and thus
> public CAs can verify ownership, the goal / where we want to get to is:
>
> - CA may be a public CA and thus public CAs can be enabled by default in
>

Re: [Emu] Idea: New X509 Extension for securing EAP-TLS

2019-11-20 Thread Alan DeKok
On Nov 20, 2019, at 5:23 AM, Dan Harkins wrote:
>> See RFC 4334 and its discussion of SSIDs.
>
> Is this _my_ certificate that has this attribute in it or is it in a
> certificate I receive?

The Introduction of RFC 4334 says: Automated selection of client certificates for use with PPP

Re: [Emu] Idea: New X509 Extension for securing EAP-TLS

2019-11-20 Thread Dan Harkins
On 11/19/19 4:17 AM, Alan DeKok wrote: On Nov 18, 2019, at 7:39 PM, Dan Harkins wrote: [snip] Then what you can infer from a domain name in a certificate issued by such a CA is that the holder of the corresponding private key controls that domain. Nothing more, nothing less. But you