1 - better handling of mechanism-specific error namespace
3 - better interfaces for initiator EAP configuration/credential management
5 - integration with initiator-side EAP channel bindings
6 - integration with final supplicant architecture
7 - integration with libradsec