Overall this document looks good. I only have two minor comments. Section 12.2 "For EAP-TTLSv0, the Peer-Id is null." I agree that the Peer-Id is null in the case where there is server-onlyauthentication and no cryptographic binding, since in this case, theidentity of the peer entity contributing to the keying material is not known. However, when client certificate authentication is used in Phase 1, Iwould suggest that the Peer-Id is defined as in [RFC5216] Section 5.2. NITs: Change [RFC2716bis] to [RFC5216] everywhere.
_______________________________________________ IETF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
