Document: EAP Tunneled TLS Authentication Protocol Version 0
Reviewer: Joel M. Halpern
Review Date: 21-March-2008
IETF LC End Date: 2-April-2008
IESG Telechat date: N/A

Summary: This document is ready for publication as an Informational RFC. If a revision is to be done, it would make sense to consider the first two comments below, and see if the minor comments can be usefully addressed.

Comments:

There are two sets of AVPs defined by this document. One set goes in the EAP-TTLS Start packet from the server to the client. The other set is used in the inner TLS protected exchange. The first set is referenced in section 9.2. But as far as I can tell, there is no description of what valid AVPs may appear here. Even if they are the same AVPs as go inside, some text explaining this in section 9.2 would be helpful.

Section 7.2 talks about the application utilizing EAP-TTLS specifying the information to be exchanged. It is not clear to me what is meant by "application" here. Does this mean the different authentication mechanisms that the client can select? Or something else? (If something else, how is it known?) A bit of explanatory text would probably help.

Minor:

The text in section 7.8 talks about the different versions of TLS that can be used. It would be useful (assuming I have correctly understood the protocol) if the text noted that these versions are negotiated by TLS, as part of carrying TLS over TTLS.

Section 11.3 on multiple authentication methods could use a couple of extra words at the front. Something like "When the client has selected EAP for authentication, the AAA/H server may request multiple forms of Authentication." Otherwise, the reader tries to tie this to the entirety of 11.2 (client specified authentication) and may get very confused before finding at the end of the section the note that this only applies to EAP. (Leave the note. Just add text at the beginning.)
I presume I will find out how the communicating parties agree on what "application" is utilizing EAP-TTLS some time after section 7.2?
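The first comment above turns on the fact that the same AVP encoding is carried in two places: optionally in the EAP-TTLS Start packet the server sends, and inside the TLS-protected tunnel. The following is an added example written for this review, not code from the draft or from any EAP-TTLS implementation. It assumes the draft's Diameter-style AVP layout (4-byte code, a flags byte with V and M bits, a 3-byte length covering header and data but not padding, an optional Vendor-ID, and zero padding to a 4-byte boundary), the EAP-TTLS packet layout (EAP type 21, flags byte L M S R R V V V with version 0), and RADIUS attribute numbers (User-Name = 1, User-Password = 2) as AVP codes; the function names, the `known` set and the sample values are the example's own. The same decoder is then applied to the payload of a Start packet, which is the point the review asks the draft to make explicit: whatever AVPs are legal there are parsed exactly like the inner ones, including the rule that an unrecognized mandatory AVP must fail rather than be skipped.

```python
import struct

# EAP / EAP-TTLS header constants (assumed from the draft's packet format).
EAP_CODE_REQUEST = 1
EAP_TYPE_TTLS = 21
TTLS_FLAG_L = 0x80        # Message Length field present
TTLS_FLAG_M = 0x40        # more fragments follow
TTLS_FLAG_S = 0x20        # Start
TTLS_VERSION_MASK = 0x07  # low three bits; version 0 here

# AVP flag bits (Diameter-style, as assumed in the lead-in).
AVP_FLAG_V = 0x80  # Vendor-ID present
AVP_FLAG_M = 0x40  # mandatory: receiver must abort if it does not understand the AVP

# RADIUS attribute numbers reused as AVP codes (assumption for this example).
AVP_USER_NAME = 1
AVP_USER_PASSWORD = 2


def encode_avp(code, data, mandatory=True, vendor_id=None):
    """Return one AVP: header, optional Vendor-ID, data, zero padding to 4 bytes."""
    flags = (AVP_FLAG_V if vendor_id is not None else 0) | (AVP_FLAG_M if mandatory else 0)
    hdr_len = 12 if vendor_id is not None else 8
    length = hdr_len + len(data)            # padding is NOT counted in AVP Length
    out = struct.pack("!I", code) + bytes([flags]) + length.to_bytes(3, "big")
    if vendor_id is not None:
        out += struct.pack("!I", vendor_id)
    return out + data + b"\x00" * ((-len(data)) % 4)


def decode_avps(buf, known):
    """Parse a run of AVPs; return [(code, vendor_id, mandatory, data), ...].

    `known` is a set of (code, vendor_id) pairs the receiver understands.
    Raises ValueError on a truncated or inconsistent AVP, and on a mandatory
    AVP that is not in `known` (unknown non-mandatory AVPs are returned and
    left for the caller to ignore)."""
    avps, off = [], 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header at offset %d" % off)
        code, flags = struct.unpack_from("!IB", buf, off)
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr_len = 12 if flags & AVP_FLAG_V else 8
        if length < hdr_len or off + length > len(buf):
            raise ValueError("bad AVP length %d at offset %d" % (length, off))
        vendor_id = struct.unpack_from("!I", buf, off + 8)[0] if hdr_len == 12 else None
        mandatory = bool(flags & AVP_FLAG_M)
        if mandatory and (code, vendor_id) not in known:
            raise ValueError("unknown mandatory AVP code=%d vendor=%s" % (code, vendor_id))
        avps.append((code, vendor_id, mandatory, bytes(buf[off + hdr_len:off + length])))
        off += length + ((-length) % 4)    # skip the padding the length does not cover
    return avps


def build_ttls_start(identifier, avps=()):
    """EAP-Request/EAP-TTLS with S set and version 0, carrying the given encoded AVPs."""
    body = bytes([EAP_TYPE_TTLS, TTLS_FLAG_S]) + b"".join(avps)
    return struct.pack("!BBH", EAP_CODE_REQUEST, identifier, 4 + len(body)) + body


def parse_ttls_start(pkt, known):
    """Validate an EAP-TTLS Start packet and decode any AVPs in its data field.

    Fragmented Starts (M set) are not handled by this example; an L flag is
    accepted only if the Message Length matches the data actually present."""
    if len(pkt) < 6:
        raise ValueError("short EAP packet")
    code, ident, length = struct.unpack_from("!BBH", pkt, 0)
    if code != EAP_CODE_REQUEST or length != len(pkt) or pkt[4] != EAP_TYPE_TTLS:
        raise ValueError("not an EAP-Request/EAP-TTLS packet")
    flags, data = pkt[5], pkt[6:]
    if not flags & TTLS_FLAG_S or flags & TTLS_VERSION_MASK != 0 or flags & TTLS_FLAG_M:
        raise ValueError("not an unfragmented version-0 Start packet")
    if flags & TTLS_FLAG_L:
        (msg_len,) = struct.unpack_from("!I", data, 0)
        data = data[4:]
        if msg_len != len(data):
            raise ValueError("Message Length does not match data")
    return ident, decode_avps(data, known)


if __name__ == "__main__":
    known = {(AVP_USER_NAME, None), (AVP_USER_PASSWORD, None)}
    start = build_ttls_start(5, [encode_avp(AVP_USER_NAME, b"bob")])
    print(parse_ttls_start(start, known))
```

The decoder is deliberately shared between the Start payload and the tunneled payload: a receiver that accepts an AVP in one context and rejects it in the other is exactly the ambiguity the review says section 9.2 leaves open, so any answer the draft gives should be enforceable at this single point.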