On Jan 16, 2020, at 4:02 PM, Eliot Lear (elear) wrote:
>
> Ok not for nothing but this is getting silly.
Yes.
> If a CA actually revoked a cert for someone using it for EAP, would they
> also have to revoke for someone using it for SMTP, XMPP, and IMAP?
That is apparently the claim.
>
Eliot Lear (elear) wrote:
>> On 15 Jan 2020, at 16:10, Michael Richardson
wrote:
>>
>>
>> Eliot Lear (elear) wrote:
Owen, do we have a need to recognize that a device needs to perform
onboarding again after a movement?
i.e. device A enrolls o
On 8 Jan 2020, at 17:29, Ryan Sleevi
mailto:ryan-i...@sleevi.com>> wrote:
The CA must revoke if the certificate is misused; that's required by contract.
The CA defines what misuse means.
A number of CAs define misuse as "used for purposes other than TLS web server"
Ergo, obtaining and using ce
On Jan 15, 2020, at 11:07 PM, Benjamin Kaduk wrote:
> Is there anything better for implementations to actually do (as distinct
> from what we write down as recommendations) than to start setting up a
> parallel (purpose-specific) PKI now and trusting that in parallel with what
> they're currently
Hi,
I have reviewed the eap-noob document and believe it is ready for adoption.
I have made a series of comments that are mostly editorial and some
clarifying questions. I am happy to review the document further.
Yours,
Daniel
[...]
Abstract
Extensible Authentication Protocol (EAP) provi