Hi to all,
I have submitted a draft for a new X509v3 extension to improve security
in EAP environments by including information which is implicitly defined
by the communication context in the certificate .
This is done e.g. by including the Realm of the username in the
certificate, to give clients
With a very quick skim, it appears that you are trying to do the same thing as
RFC 7585.
Russ
> On Nov 9, 2019, at 12:33 PM, Jan-Frederik Rieckers
> wrote:
>
> Signed PGP part
> Hi to all,
>
> I have submitted a draft for a new X509v3 extension to improve security
> in EAP environments by i
On Nov 9, 2019, at 1:00 PM, Russ Housley wrote:
>
> With a very quick skim, it appears that you are trying to do the same thing
> as RFC 7585.
I think there's overlap, but it's not quite the same thing.
Both proposals add a "known realm" as an X.509 certificate property. They
differ in t
