On Jan 27, 2021, at 3:25 PM, Joseph Salowey <j...@salowey.net> wrote: > [Joe] It seems that resumption would help in the case that large certificates > cause multiple round trips. Do you have an idea of how widespread resumption > use is in current EAP-TLS implementations?
It's common. Perhaps not ubiquitous, but common. Once deployments get past the trivial / tiny certificate stage, resumption helps lower the number of round trips required. For PEAP and TTLS, it's even more common. The main benefit to session resumption there is that the name / password does not need to be checked against an external database. For slow databases, TLS session resumption can result in significantly lower load, and significantly faster re-auth times. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
