Overall this document looks good. I only have two minor comments.

Section 12.2

"For EAP-TTLSv0, the Peer-Id is null."

I agree that the Peer-Id is null in the case where there is server-only authentication and no cryptographic binding, since in this case, the identity of the peer entity contributing to the keying material is not known. However, when client certificate authentication is used in Phase 1, I would suggest that the Peer-Id is defined as in [RFC5216] Section 5.2.

NITs:

Change [RFC2716bis] to [RFC5216] everywhere.
_______________________________________________
IETF mailing list
IETF@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf