TLS Inner Application?

Jouni Malinen jkmalinen at
Tue Feb 8 17:47:57 CET 2011

On Mon, Feb 7, 2011 at 11:50 AM, Simon Josefsson <simon at> wrote:
> Is anyone using or cares about TLS/IA support in GnuTLS?  The
> implementation of TLS/IA was done against a draft that has expired 5
> years ago and that never made it into a proper RFC.  It would be nice to
> remove obsolete stuff, so we want to remove it.

There is a preliminary implementation of EAP-TTLSv1 in
wpa_supplicant(peer) and hostapd(server). However, I do not know
whether anyone really uses that, but there is indeed code that is
currently assuming this functionality to be available in GnuTLS. That
code is disabled by default in wpa_supplicant/hostapd, so removing
this from GnuTLS would not break the default build. In addition,
enabling of this code is not documented anywhere, so one would need to
go through the source code to figure out how to enable this.

- Jouni

More information about the Gnutls-devel mailing list