Remaining open issues… Check draft against current keying framework and state machine Detail security considerations section to match the EAP base protocol requirements to EAP methods Reduce the number of messages? Identity exchange optional Notifications Add description for support of IKEv2 notifications Change roles of initiator/responder? Swapping these roles with respect to EAP peer/server could save one roundtrip Remove optional support for tunneled method? Would mean to remove the inner IKEv2 EAP exchange to simplify the method However, this is optional in IKEv2 anyway |