On Mar 10, 2019, at 1:27 PM, Michael Richardson <mcr+i...@sandelman.ca> wrote: > > If there is no legit use case for TLS resumption, then it seems that EAP > servers SHOULD disable TLS resumption.
There are very many use-cases for TLS resumption. The point is that all of these use-cases require additional information. i.e. the credentials from the original authentication. As such, this document needs to give guidance on this topic. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
