Oh also the tls-config construct means "cache.name" might be shared by >1 module which may have the effect of allowing e.g. a peap session to be resumed against the ttls module with crazy/bad results. There is probably some way to avoid this...
--
Sent from my mobile device, please excuse brevity and typos