On Jun 9, 2023, at 6:12 PM, Joseph Salowey wrote:
> Given that this isn't currently being done in implementations, I think that
> the answer here is "no". But it's likely worth adding a note to the effect
> that:
>
> [Joe] I would also say no here.
OK. I'll add some notes on this
On Mon, Jun 5, 2023 at 9:23 PM Alan DeKok wrote:
> In TTLS, any inner method challenge (CHAP / MS-CHAP) is tied to the TLS
> session:
>
> https://www.rfc-editor.org/rfc/rfc5281.html#section-11.2.3
>
> ... Upon receipt of these AVPs from the client, the TTLS server MUST
>verify that the
In TTLS, any inner method challenge (CHAP / MS-CHAP) is tied to the TLS
session:
https://www.rfc-editor.org/rfc/rfc5281.html#section-11.2.3
... Upon receipt of these AVPs from the client, the TTLS server MUST
verify that the value of the MS-CHAP-Challenge AVP and the value of
the