At 6:34 PM +0300 4/12/10, Yaron Sheffer wrote: >there was some off-line discussion on whether the mutual-EAP auth draft >should explicitly list the EAP methods that work, securely, with this >extension. I now tend to say no, and to remove this list (and IANA >registry) from the next document rev.
The list is not just "methods we like" but also "methods that are known to have the properties that are required to be safe here, because some other methods don't have those properties". A different proposal would be to leave the list in as "the authors think that these methods (and likely others) should be considered as safe", but not to have the IANA registry, letting developers pick what to include (including known-unsafe ones). --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
