> At 6:34 PM +0300 4/12/10, Yaron Sheffer wrote: > >there was some off-line discussion on whether the mutual-EAP auth > draft > >should explicitly list the EAP methods that work, securely, with this > >extension. I now tend to say no, and to remove this list (and IANA > >registry) from the next document rev. > > The list is not just "methods we like" but also "methods that are known > to have the properties that are required to be safe here, because some > other methods don't have those properties". > > A different proposal would be to leave the list in as "the authors > think that these methods (and likely others) should be considered as > safe", but not to have the IANA registry, letting developers pick what > to include (including known-unsafe ones).
Or, just list the required "properties", and name some methods as examples. Alper > > --Paul Hoffman, Director > --VPN Consortium > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
