[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Please review draft-ietf-capwap-protocol-specification's use of certificates

To: ietf-pkix@xxxxxxx
Subject: Please review draft-ietf-capwap-protocol-specification's use of certificates
From: Sam Hartman <hartmans-ietf@xxxxxxx>
Date: Thu, 20 Dec 2007 21:23:48 -0500
Cc: capwap-chairs@xxxxxxxxxxxxxx, secdir@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)



Hi, folks.  The capwap working group is preparing to last call their
protocol specification draft.

I'd appreciate review from the pkix community of section 2.4.4.3 and
12.6 of this draft.  These sections specify certificate validation and
certificate usage for the protocol.  Scott Kelly and Charles Clancy
are security advisors for the working group and have been heavily
involved.

The capwap certificate profile assumes that the CN in the certificate
has structure and contains an ethernet MAC address.  The capwap
certificate profile also assumes that parts of the subject name such
as the organization and organizational unit will be important to
certificate matching.

I'd appreciate review and comments.

--Sam

Follow-Ups:
- Re: [secdir] Please review draft-ietf-capwap-protocol-specification's use of certificates
  - From: Stephen Kent

Prev by Date: RE: I-D Action:draft-ietf-pkix-ta-mgmt-problem-statement-00.txt
Next by Date: I-D ACTION:draft-ietf-pkix-rfc3280bis-10.txt
Previous by thread: straw polls closed
Next by thread: Re: [secdir] Please review draft-ietf-capwap-protocol-specification's use of certificates
Index(es):
- Date
- Thread