Hi,

I have a question. I have some experience with code reuse, but I was
hacking, err... prototyping. What is the general sense on using a piece
of TLS code to do things like EAP-TLS or EAP-TLS and EAP-TLS-PSK? I ask
because elsewhere people make the argument that TLS is already there on
a certain device and so DTLS is an incremental implementation etc.

I hope we don't have a huge thread on it, but I am curious about
thoughts on reuse.

thanks,
Lakshminath

Jouni Malinen wrote:
On Mon, Mar 05, 2007 at 06:03:18PM -0800, Narayanan, Vidya wrote:

As far as I can tell, EAP-TLS-PSK would be yet another EAP method in the
same sense as EAP-GPSK, so I don't see EAP-TLS-PSK as in any way a better
solution from the viewpoint of not adding a new method.

As far as comparison of EAP-GPSK vs. EAP-TLS-PSK is concerned, one
major part is in EAP-GPSK being much simpler and smaller from an
implementation viewpoint. In most cases, extending TLS seems to bring
in a major extra cost of having to modify a TLS library, which is not
desirable in many cases. It may mean that the TLS implementation
included in the system would not be suitable and the EAP implementation
would need to bring in another TLS implementation with maintenance and
memory/flash footprint concerns.