I would totally agree that this type of guidance needs to be added to this document.
Jim > -----Original Message----- > From: Alan DeKok <al...@deployingradius.com> > Sent: Sunday, March 10, 2019 5:58 AM > To: Jim Schaad <i...@augustcellars.com> > Cc: Michael Richardson <mcr+i...@sandelman.ca>; EMU WG > <emu@ietf.org> > Subject: Re: [Emu] Notes on session resumption with TLS-based EAP > methods > > On Mar 9, 2019, at 7:46 PM, Jim Schaad <i...@augustcellars.com> wrote: > > Yes - The resumption credential is on the user's device and on the TLS > > server. If the user's device moves then things are just fine. Again, > > the TLS server would need to check the credentials from the cached > > session > > My point is that neither RFC 5216 nor this document gives any guidance > here. They don't even mention checking cached authentication data. > > Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
