Hi Alan, The mentioned requirement comes from Section 2.4 of RFC 5216, which states that:
"Since the ciphersuite negotiated within EAP-TLS applies only to the EAP conversation, TLS ciphersuite negotiation MUST NOT be used to negotiate the ciphersuites used to secure data." However, I do not really understand why such a requirement would be needed. For instance, QUIC uses the TLS 1.3 handshake ciphersuite negotiation to negotiate the algorithms used in QUIC. If this is a problem, we should discuss if any updates are needed. /John _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu