Hi Eliot,
Few thoughts:
- If the current client's certificate was requested via TEAP by PKCS#10
TLV - then maybe it makes sense for the client to send Request-Action
TLV + PKCS#10 TLV again with the same certificate parameters
- If the current client's certificate was not requested via
Eliot gave me some hint offline and here's what we can do in TEAP with
regards of certificate provisioning/enrollment/renewal.
In the current TEAP RFC, when the peer wants to get list of Trusted Roots
it sends Trusted-Server-Root TLV with credential type field - a constant
value 1 for PKCS#7 and w
No objections were raised against adoption of this document as a working
group item. The adoption call is now closed. Alan, please submit the
draft as a working group item.
We still need consensus on TEAP specifics. There are 3 issues:
1. Fixing TEAP errata: https://www.rfc-editor.org/errata_se
