Concerns with EAP Employs new key distribution architecture Poorly understood security properties Three party models have been well studied, but these do not align directly with AAA Select one end-to-end mechanism to protect distributed keys Needs robust key naming scheme Needs to establish fresh session keys Principle of least privilege not followed |