2.1.2.1 Establishing a Security Level

Every protocol participant SHOULD use mutual authentication when establishing a new session. If the destination does not support mutual authentication, a protocol participant SHOULD use incoming authentication. If the destination does not support incoming authentication, a protocol participant MAY use No Security.<2>