[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-pkix-wlan-extns - Certificate Extensions and Attributes Supporting
Margaret:
(1) If I understand correctly, the list of SSIDs that a particular
certificate applies to will be passed around in the certificate itself...
The security considerations section does say (one way or the other)
whether this information would be sensitive in any way. Should I presume
that it isn't?
Some security experts recommend that the SSID be masked in the beacon sent
out by the Access Point (AP). They believe that this makes it harder for
an attacker to find the correct AP to target. However, there is other
traffic that includes the SSID, so this practice really only makes it a
pain for the legitimate users. The point that was trying to be made here
is that placing the SSID in the certificate does not make matters worse.
(2) The IANA considerations section says that this document defines OIDs
from the IANA-owned space. How do we make sure that we don't have
conflicts in those assignments?
The PKIX working group was given a chunk of the OID space. A single person
(me) manages that space on behalf of the working group. This has been the
practice since the PKIX working group was formed.
Russ