EAP-TLS without client authentication - Another possible approach to achieve this?