Objectives
Mutual authentication of client and server
Support of legacy password protocols as well as client certificates
Secure distribution of data ciphering material
Seamless compatibility with existing RADIUS infrastructure
Secrecy of user credentials within access domain
Support of roaming from lightly configured access domains