Helllo Jay > The Internet Draft address what you described in web client/Apache > server and mail client and mail server applications. The TLS-EAp > extension is leveraging existing user credential and profile in AAA > server. In addition, you have flexibility to choose different > authentication method using EAP. You can use token based > authentication or client Certificate based authentication.
What I still do not understand completely is the Client side integration into existing software, e.g. Firefox which has its own TLS implementation. So, theoretically you need to modify the TLS implementation of each Client program that it can handle the InterimAuth Message and forward the following EAPMessages to the EAP-Infrastructure. > What kind of mail client/mail server and web client/web server are you using? Well I think we'll use Firefox / Apache2. Best Regards Martin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html