On Mar 9, 2019, at 7:46 PM, Jim Schaad <i...@augustcellars.com> wrote: > Yes - The resumption credential is on the user's device and on the TLS > server. If the user's device moves then things are just fine. Again, the > TLS server would need to check the credentials from the cached session
My point is that neither RFC 5216 nor this document gives any guidance here. They don't even mention checking cached authentication data. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu