%% You should probably cite rfc9191 instead of this I-D. @techreport{ietf-emu-eaptlscert-08, number = {draft-ietf-emu-eaptlscert-08}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-emu-eaptlscert/08/}, author = {Mohit Sethi and John Preuß Mattsson and Sean Turner}, title = {{Handling Large Certificates and Long Certificate Chains in TLS-Based EAP Methods}}, pagetotal = 12, year = 2020, month = nov, day = 20, abstract = {The Extensible Authentication Protocol (EAP), defined in RFC 3748, provides a standard mechanism for support of multiple authentication methods. EAP-TLS and other TLS-based EAP methods are widely deployed and used for network access authentication. Large certificates and long certificate chains combined with authenticators that drop an EAP session after only 40 - 50 round trips is a major deployment problem. This document looks at this problem in detail and describes the potential solutions available.}, }