Skip to main content

Handling Large Certificates and Long Certificate Chains in TLS-based EAP Methods
draft-ietf-emu-eaptlscert-00

The information below is for an old version of the document.
Document Type Expired Internet-Draft (emu WG)
Authors Mohit Sethi , John Preuß Mattsson , Sean Turner
Last updated 2020-03-01 (Latest revision 2019-08-13)
Replaces draft-ms-emu-eaptlscert
Stream Internet Engineering Task Force (IETF)
Formats
Expired & archived
plain text xml htmlized pdfized bibtex
Reviews
OPSDIR Last Call Review Incomplete, due 2020-10-28
Stream WG state In WG Last Call
Associated WG milestone
Nov 2019
WG last call on operational recommendations for large certificate and chain sizes
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-ietf-emu-eaptlscert-00.txt

Abstract

EAP-TLS and other TLS-based EAP methods are widely deployed and used for network access authentication. Large certificates and long certificate chains combined with authenticators that drop an EAP session after only 40 - 50 round-trips is a major deployment problem. This memo looks at the this problem in detail and describes the potential solutions available.

Authors

Mohit Sethi
John Preuß Mattsson
Sean Turner

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)