I would totally agree that this type of guidance needs to be added to this document.
Jim > -----Original Message----- > From: Alan DeKok <[email protected]> > Sent: Sunday, March 10, 2019 5:58 AM > To: Jim Schaad <[email protected]> > Cc: Michael Richardson <[email protected]>; EMU WG > <[email protected]> > Subject: Re: [Emu] Notes on session resumption with TLS-based EAP > methods > > On Mar 9, 2019, at 7:46 PM, Jim Schaad <[email protected]> wrote: > > Yes - The resumption credential is on the user's device and on the TLS > > server. If the user's device moves then things are just fine. Again, > > the TLS server would need to check the credentials from the cached > > session > > My point is that neither RFC 5216 nor this document gives any guidance > here. They don't even mention checking cached authentication data. > > Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
