RFC 3576 compliance

[MikhailMS]

In RFC 3576

Implementations of this specification SHOULD support IPsec [RFC2401]
along with IKE [RFC2409] for key management.  IPsec ESP [RFC2406]
with a non-null transform SHOULD be supported, and IPsec ESP with a
non-null encryption transform and authentication support SHOULD be
used to provide per-packet confidentiality, authentication, integrity
and replay protection.  IKE SHOULD be used for key management.

and

Where IPsec replay protection is not used, the Event-Timestamp (55)
Attribute [RFC2869] SHOULD be included within all messages.  When
this attribute is present, both the NAS and the RADIUS server MUST
check that the Event-Timestamp Attribute is current within an
acceptable time window.  If the Event-Timestamp Attribute is not
current, then the message MUST be silently discarded.  This implies
the need for time synchronization within the network, which can be
achieved by a variety of means, including secure NTP, as described in
[NTPAUTH].

Seems like I am missing small bits from RFC 3576, so need to check on if it is beneficial to priorotise them into the next release

The rest of the RFC is either implemented or not appicable because it is more about application logic (RADIUS Server/Client) then RADIUS protocol per se