-- better handling of mechanism-specific error namespace
-- textual error codes
-- better interfaces for initiator EAP configuration/credential management
-- make CBT ASN.1 ??
- integration with initiator-side EAP channel bindings
- integration with final supplicant architecture
-- integration with libradsec
-- port to Heimdal
+- test Heimdal port