Requirements RFC2716bis focuses on describing current EAP-TLS implementation, no new enhancements New cipher suites, such as PSK, Kerberos, ECC New TLS extensions, e.g., authorization extension, identity protection extension. RFC4017 requirements: channel binding, identity protection, shared state equivalence. RFC4017 requirement: authentication methods beyond certificates User name and password, secure token card, mobile credentials, asymmetric credentials (password one side and private/public key on other side) Any others: enrollment, arbitrary data exchange, bootstrapping? |