Rainer Gerhards schrieb:
One could argue if disabling authentication is a desirable "authentication option" :-)I think this is a loophole and not the intent of the I-D ;)
I would argue it is.If the admin wants to implement a local policy of 'best effort' then that should be possible. It just has to be clear which configuration leads to which kind of behaviour (and security level).
-- Martin