On Feb 5, 2019, at 12:28 AM, Mohit Sethi M <[email protected]> wrote: > > The recommendations in this document may be used by all TLS-based EAP > methods. However, fragmenting large certificates and certificate chains > into many small messages is less of a problem when only one side > (server) is authenticating with certificates.
Other TLS-based EAP methods allow the use of client certificates, too. While not the normal use-case, it is a well-known and deployed use-case. The document should add a note that the issue is less of a concern when client certificates are not used. Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
