Joseph Salowey (jsalowey) wrote: > I think it is worthwhile to support an mode of operation that supports peer > privacy. I've seen this implemented in tunnel methods in two different > ways. One with renegotiation as described below and the other as an inner > EAP-TLS exchange after an anonymous outer exchange. I don't really have a > strong opinion as to which is better at this point. It seems that using an > inner EAP-TLS may be more flexible and would offer the same security > properties and might be a simpler model. > > Any opinions on the list?
The inner EAP-TLS has proven to work before. It seems fine. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu