RFC-4590 (the one the tool selected) is obsoleted by RFC 5090. The attributes defined are shared in clear text. Section 8 goes into this. Radius issues are well known. An additional layer of security is necessary to protect user information. These two docs talk about IPSEC. An alternative would be diameter or something akin to Moonshot.
_______________________________________________ ietf-privacy mailing list ietf-privacy@ietf.org https://www.ietf.org/mailman/listinfo/ietf-privacy