Re: [Last-Call] Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Fernando:

>>> On Wed, Dec 09, 2020 at 04:09:07PM -0500, Russ Housley wrote:
>>>> I have to comments.
>>>> 
>>>> 1) I do not see this document as a BCP.  Despite the inclusion of the boilerplate, there is not a single MUST in the document.  I have no objection to an Informational RFC.
>>> 
>>> The assumption/expectation was that this would become part of BCP 72 along
>>> with RFC 3552.  Do you think it should be a standalone document, or can you
>>> propose normative language that would make it more appropriate as a BCP?
>> I'd advise an Informational document. 
> 
> FWIW, our intent is to have a BCP document that is part of (i.e., updates) BCP72.  Given that flawed transient identifiers have plagued most IETF protocols we can think of, we believe the topic deserves a BCP.
> 
> 
>> I think an additional section with normative text would be needed or additional normative paragraphs after each of the problem descriptions would be needed.
> 
> Could you please elaborate?

It is not a Best Current Practice if the document does not provide MUST and SHOULD statements for implementers to follow.

The current document provides information for implementers to consider in making their design choices, but it falls short if a BCP in my view.

Russ

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux