Hi all,
The EAP-TLS authentication protocol specification (RFC 5216) mentions in
Section 2.4 that:
- "EAP-TLS implementations MUST support TLS v1.0"
- "SHOULD support TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_RC4_128_MD5"
And Sections 5.2, 5.3 and 5.4 do not give latest recommendations for
certificate validation.
Yet, EAP-TLS is wide-spread, and notably used with WPA and WPA2.
Shouldn't it be updated in favour of following RFC 7525 (BCP for TLS)
and RFC 6125 (guideline for certificate validation)?
--
Julien ÉLIE
« The following two statements are usually both true:
There's not enough documentation.
There's too much documentation. » (Larry Wall)
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls