Please review and discuss the following on this thread. Alan's review raised the issue that the text allows for different identities to be used for the initial handshake and subsequent resumption. Instead the proposal is to always use the same NAI for resumption as for the initial handshake.
I'd like to understand the reason for this concern. It seems like this would make things worse from a privacy perspective unless we also required the NAI to just be @REALM which is the minimum amount of information that can be disclosed and still have the current system work. Thanks, Joe
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
