I’m the assigned INTDIR reviewer for this document. This document defines the Tunnel Extensible Authentication Protocol V1 which obsoletes RFC7010. 

I couldn’t find any technical issues, but some nits as listed below. 

Please spell out the acronyms in the first use, e.g., PKCS

Pg13 “In some cases such as onboarding …”.  It may be necessary to elaborate the terms used here.

Pg14  “It will therefore no way of correlating the server identity…”  Grammer check

Pg18 “MUST accompany the TLV with it's own Crypto-Binding TLV”     it’s own -> its own

Pg18 “to communicate a users password,”   users -> user’s

Pg 20.  “EAP- FAST [RFC4851]”   remove the space after EAP-

Pg 22. “it requires a particular authentication mechanism be run”  be run -> to be run 

Pg. 24 “in all phases of TEAP’  all -> both?

Pg27. “The device authentications, and obtains new credentials via”  authentications, -> authenticates 

Pg31. “If the server didn't initiate …”   didn’t -> did not 

Pg 34. “If all TLVs in a message are marked optional and none are understood by the peer, then a NAK TLV or Result TLV could be sent to the other side in order to continue the conversation.” The two sentences seem logically conflicting with each other.

Pg38. “The behavior of the Result TLV is further discussed in Section 3.6.5 and Section 3.9.3 A Result” missing period before A Result.

Pg.46. “after one or more of the requested items has been processed …”   has -> have

Pg 60. “The Identity-Hint TLV is an optional TLV which can sent by the peer”  can sent -> can be sent

Pg 60. “the format and definition of these identities is entirely site local.”   is -> are

Pg 64. “Note that using a MSK…” a -> an


Thanks,
Haoyu