[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evaluation: draft-ietf-pkix-wlan-extns-04.txt

To: IESG Secretary <iesg-secretary@ietf.org>, Internet Engineering Steering Group <iesg@ietf.org>
Subject: Re: Evaluation: draft-ietf-pkix-wlan-extns-04.txt
From: hardie@qualcomm.com
Date: Mon, 4 Aug 2003 10:34:47 -0700
In-reply-to: <E19ifK6-00011N-Lw@asgard.ietf.org>
References: <E19ifK6-00011N-Lw@asgard.ietf.org>

Ted Hardie           [   ]     [   ]     [ x  ]     [   ]

Since there is no guarantee of uniqueness for  SSIDs,
it seems like there may be a separate step needed
when you have the "every SSID is called CORP" problem.
This text, in particular:

   The Wireless LAN (WLAN) System Service identifiers (SSIDs) public key
   certificate extension is always non-critical.  It contains a list of
   SSIDs.  When more than one certificate includes an extended key usage
   extension indicating that the certified public key is appropriate for
   use with the EAP in the LAN environment, the list of SSIDs MAY be
   used to select the correct certificate for authentication in a
   particular WLAN.

may need to contain text on what to do if more than one certificate
contains the same octet string as an SSID.  Given that the whole
thing is a "MAY" the answer may well be "try them in turn" or
something very basic, but a note of the problem and what to do
would be useful.
			thanks,
				Ted

Follow-Ups:
- Re: Evaluation: draft-ietf-pkix-wlan-extns-04.txt
  - From: Russ Housley <housley@vigilsec.com>

References:
- Evaluation: draft-ietf-ipsec-ciph-aes-ctr - Using AES Counter Mode With IPsec ESP
  - From: IESG Secretary <iesg-secretary@ietf.org>

Prev by Date: iesg unsubscribe notification
Next by Date: RE: FW: AD response to Site-Local Appeal
Previous by thread: Evaluation: draft-ietf-ipsec-ciph-aes-ctr - Using AES Counter Mode With IPsec ESP
Next by thread: Re: Evaluation: draft-ietf-pkix-wlan-extns-04.txt
Index(es):
- Date
- Thread