#16: Server auth Issue:
4.5.1: I suggest to mention that even in cases where passwords are *not* sent in the clear (e.g. challenge-response methods), server authentication is still a MUST. Comment: Suggested Text: "The EAP server MUST be authenticated before the peer can send the clear text password or information generated directly from the password to the server." -- Ticket URL: <http://trac.tools.ietf.org/wg/emu/trac/ticket/16#comment:1> emu <http://tools.ietf.org/wg/emu/> _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
