I'm using open-ssl to do EAP-TLS authentication, then I've a question about something strange for me. When you want to use TLS to mount an uncrypted tunnel, you need a session key, but in authentication you only need certificate checking ?? Why generate pre-master-key, master-key, etc... if datas aren't crypted after authentication. Is it just to respect the protocol ?
For computing the HMACs keys are needed, therefore you need the pre-master-key etc. in any case.
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
