On Feb 5, 2018, at 4:03 AM, Mohit Sethi <mohit.m.se...@ericsson.com> wrote: > Thanks for raising this issue. I am trying to understand the problem of large > certificates and longer certificate chains a bit better. > > From your deployment experience, is the problem equally bad for > authentication in both directions (i.e. both client and server certificates > are large with long certificate chains)?
More so for clients. > And is the problem only the number of EAP messages/packets, or also the > duration of a single authentication run (i.e. AP implementations drop EAP > session if not completed within x seconds/minutes)? Mainly the number of EAP messages. The duration is less of an issue, because it almost always happens within a second. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
