%% You should probably cite rfc9190 instead of this I-D. @techreport{ietf-emu-eap-tls13-15, number = {draft-ietf-emu-eap-tls13-15}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/15/}, author = {John Preuß Mattsson and Mohit Sethi}, title = {{Using EAP-TLS with TLS 1.3}}, pagetotal = 33, year = 2021, month = may, day = 4, abstract = {The Extensible Authentication Protocol (EAP), defined in RFC 3748, provides a standard mechanism for support of multiple authentication methods. This document specifies the use of EAP-Transport Layer Security (EAP-TLS) with TLS 1.3 while remaining backwards compatible with existing implementations of EAP-TLS. TLS 1.3 provides significantly improved security, privacy, and reduced latency when compared to earlier versions of TLS. EAP-TLS with TLS 1.3 further improves security and privacy by always providing forward secrecy, never disclosing the peer identity, and by mandating use of revocation checking. This document also provides guidance on authorization and resumption for EAP-TLS in general (regardless of the underlying TLS version used). This document updates RFC 5216.}, }