Handling Large Certificates and Long Certificate Chains in TLS-based EAP Methods
draft-ietf-emu-eaptlscert-00

Document Type Expired Internet-Draft (emu WG)
Last updated 2020-02-14 (latest revision 2019-08-13)
Replaces draft-ms-emu-eaptlscert
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-emu-eaptlscert-00.txt

Abstract

EAP-TLS and other TLS-based EAP methods are widely deployed and used for network access authentication. Large certificates and long certificate chains combined with authenticators that drop an EAP session after only 40 - 50 round-trips is a major deployment problem. This memo looks at the this problem in detail and describes the potential solutions available.

Authors

Mohit Sethi (mohit@piuha.net)
John Mattsson (john.mattsson@ericsson.com)
Sean Turner (sean@sn3rd.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)