RFC 4017 (cont’d) Mandatory Requirements Key generation Key strength Mutual authentication Shared state equivalence Dictionary attack resistance Man-in-the-middle attack protection Protected ciphersuite negotiation Recommended Requirements Fragmentation support Identity hiding Optional Features Channel Binding Fast reconnect |