On Feb 2, 2023, at 2:22 AM, Eliot Lear <l...@lear.ch> wrote: > I am wondering if we should close this issue. At the end of the day, if the > client knows it's doing something like 2FA that requires an EAP method, it > can initiate.
I'm not clear how that would happen. Nothing in the doc discusses how a client may choose authentication methods. > If it doesn't and the server decides it needs it based on the > Basic-Password-Auth-Resp, then the server can insist, using a Request-Action > TLV that requests EAP. That does work, but it adds another round of packets, which is less than optimal. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
