On Nov 21, 2018, at 10:36 AM, Dr. Pala wrote:
>
> in other environment we had to add the attribute about which ID was actually
> authenticated in the final messages because of additional operations that
> some network equipment needs to perform that requires the identity of the
> supplicant to
(Aruba Security)' ; 'Alan DeKok'
Cc: emu@ietf.org; 'John Mattsson'
Subject: Re: [Emu] FW: New Version Notification for draft-ietf-emu-eap-
tls13-03.txt
-Original Message-
From: Emu On Behalf Of Cappalli, Tim (Aruba
Security)
Sent: Wednesday, November 14, 2018
t; From: Emu On Behalf Of Jim Schaad
> Sent: Wednesday, November 14, 2018 10:35 AM
> To: 'Cappalli, Tim (Aruba Security)' ; 'Alan DeKok'
>
> Cc: emu@ietf.org; 'John Mattsson'
> Subject: Re: [Emu] FW: New Version Notification for draft-ietf-emu-eap-
&g
On Nov 14, 2018, at 1:34 PM, Jim Schaad wrote:
>> The only way to provide the real identity back to the NAS would be sending it
>> back as the IETF User-Name in the Access-Accept with the assumption that
>> the NAS would honor it.
>
> My first response to this would be - what happens as an attack
> -Original Message-
> From: Emu On Behalf Of Cappalli, Tim (Aruba
> Security)
> Sent: Wednesday, November 14, 2018 6:49 AM
> To: Alan DeKok
> Cc: emu@ietf.org; John Mattsson
> Subject: Re: [Emu] FW: New Version Notification for draft-ietf-emu-eap-
> tls13-03.t
Alan DeKok wrote:
> For me, I would be fine with making the anonymous NAI mandatory. I
> just don't see any end-user benefit to exposing their identities. And
> there are benefits to privacy.
>> In terms of infrastructure, logging into a wireless controller, switch
>>or NMS
On Nov 14, 2018, at 9:48 AM, Cappalli, Tim (Aruba Security)
wrote:
>
> The question was asked about making it anonymous NAI mandatory in the
> Identity Response. That is what my comments were targeted to.
OK.
For me, I would be fine with making the anonymous NAI mandatory. I just
don't
The question was asked about making it anonymous NAI mandatory in the Identity
Response. That is what my comments were targeted to.
In terms of infrastructure, logging into a wireless controller, switch or NMS
and seeing hundreds of "anonym...@enterprise.co" makes an administrator's life
misera
On Nov 14, 2018, at 8:16 AM, Cappalli, Tim (Aruba Security)
wrote:
>
> Making it mandatory to use an anonymous NAI will be a huge issue in
> enterprise where the infrastructure, device and enterprise identity is owned
> by the enterprise. There is no proxy or third party provider.
I don't se
Making it mandatory to use an anonymous NAI will be a huge issue in enterprise
where the infrastructure, device and enterprise identity is owned by the
enterprise. There is no proxy or third party provider.
Seeing "anonym...@enterprise.com" across all network infrastructure is not
going to be a
Hi,
We have updated the draft according to the discussion and conclusions at IETF
103.
- New figure showing the message flow for EAP-TLS client rejection of
NewSessionTicket
- The draft did not mention that TLS has both warning and fatal alerts. We
changed "TLS Alert Message" to " TLS Fata
11 matches
Mail list logo