Should EAP-TTLS only allow IETF phase 2 methods ?

Olivier Roberdet o.roberdet at
Mon Sep 9 06:27:27 PDT 2019

Your latest commits adding support for vendor specific EAP phase 2
methods for EAP-TTLS and PEAP are exactly what I needed.
Thank you.

On Mon, Sep 9, 2019 at 2:49 PM Jouni Malinen <j at> wrote:
> On Fri, Aug 09, 2019 at 06:45:38PM +0200, Olivier Roberdet wrote:
> > In eap_server_ttls.c, line 837, the eap_server_get_eap_method() is
> > called with the EAP_VENDOR_IETF constant passed as the vendor ID. I am
> > wondering why the vendor ID has to be this one and not the one of the
> > EAP Type that is being used. How would one use a custom EAP method for
> > phase2 ?
> There is no vendor specific authentication method other than a dummy one
> for testing purposes in hostap.git, so there has not been much of a need
> for such capability. Anyway, there is now support for vendor specific
> EAP methods in Phase 2 of EAP-TTLS/PEAP/FAST/TEAP in the development
> repository snapshot.
> --
> Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list