Yes, but I do not see how EAP would differ from any other TLS deployment with 
external PSK.

Can you give an example of an existing TLS 1.3 deployment that offers both 
resumption PSKs and external PSKs?

EAP-TLS would not be different from other TLS deployments with external PSKs. 
However, so far EAP-TLS has only been used with certificates. If we are adding 
support for external PSKs, we should make sure that implementations know how to 
handle them.


Emu mailing list

Reply via email to