[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Resuming a user cached session with EAP-TTLS
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2023-01-23 18:02:16
Message-ID: BA8C8B57-334B-4EC6-A17E-5B5A949A166F () deployingradius ! com
[Download RAW message or body]

On Jan 23, 2023, at 11:07 AM, florentvercourt@gmail.com wrote:
> Ok, I'll try to look my switch config to see if I found parameters to store
> sessions.

  The switch doesn't store TLS session tickets.  It's the end user machine: Windows, \
iPhone, etc.

> Can you please indicate me the lines of logs in my previous
> message, in which resumption ticket is sent, thank very much.

  It's buried inside of the TLS data.  Use wireshark to do protocol decoding.

> > Read the RFCs if you're wondering how TTLS works.
> 
> I have already read it, but I just wanted to know what is the best practice.

  The best practice is to understand how things work before you go poking at \
irrelevant details.

  It doesn't matter how TTLS uses "length" or what the TLS session ticket looks like. \
It matters to know that the switch doesn't store the TLS session tickets.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]