Some aspects of account management, such as those associated with the authentication credential seem like they may be a good fit. Others, such as paying bills and adding services probably are not as these sorts of tasks tend to be deployment specific.
Suggested text: "2.3. Credential Management Another enhancement to EAP is in the area of credential management. For example, EAP-MSCHAPv2 includes limited support for user account management, namely the possibility for a user to change his password, should it have expired. This is defined in section 7 of [RFC2759]. This use of EAP is not covered by the EAP applicability statement since it goes beyond authentication. In general, account management tasks within EAP SHOULD be limited to tasks directly associated with the credentials used for authentication. The renewal of a password or the maintenance of a PIN code are examples of this type of task. Tasks that are of a more general nature such as payment or service maintenance are NOT RECOMMENDED since they are likely to be very deployment specific leading to EAP methods that are not reusable in other environments. In addition these more general tasks often involve extensive user interaction and the exchange of additional data which can be dangerously close to "bulk data transport". " _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
