On Tue, 12 Mar 2024, at 12:37, Yanlei(Ray) wrote: > My understanding here is that the EAP server and client will not > authenticate each other in EAP-TLS, and all the authentication will be > done in the " captive portal ". So why recommend EAP-TLS as a > provisioning method? Just send the identifier "[email protected]" and > then jump to a " captive portal ". Is that OK?
So for OOB provisioning (ie. get an IP to access a captive portal) the conversation would be: >>> EAP-Identity Request <<< EAP-Identity Response[[email protected]] >>> EAP-Success Sounds sensible. Cheers _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
