On Apr 14, 2021, at 10:56 AM, Tim Cappalli <tim.cappa...@microsoft.com> wrote: > > Honestly, no information in an EAP server certificate is good enough for a > user to make a "walk up" informed decision.
I'm curious how this is different from say, HTTPS. The use-cases seem pretty similar. > At least requiring an EAP-specific EKU or OID would require operating systems > to separate out the EAP trust store. I agree 100% there. > TLS Web Server Certificate should not be acceptable for EAP. Well, yes. The question is how do we get there from here. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
