Fernando: > On 9/12/20 18:09, Russ Housley wrote: >> I have to comments. >> 1) I do not see this document as a BCP. Despite the inclusion of the boilerplate, there is not a single MUST in the document. I have no objection to an Informational RFC. > > FWIW, version -04 had the following text: > > ---- cut here ---- > 5. Security and Privacy Requirements for Identifiers > > Protocol specifications that specify transient numeric identifiers > MUST: > ---- cut here ---- > > This was changed in response to feedback we got. But we could add some text in that line, whether "MUST" or "SHOULD" > > I believe it would be a shame for us to be unable to do a BCP on the topic, given the bad track the IETF has had with respect to transient identifiers, and given that, for multiple reasons, this effort has taken about 5 years so far.... My previous message addresses this point. I won't repeat myself here. >> 2) The document is really about transient identifiers. It does not only apply to ones that are numeric. > > That's probably the case. However, the ones we assessed are all numeric identifiers. And those are the ones that we have analyzed in the companion document draft-irtf-pearg-numeric-ids-generation > > Just curious: what are the non-numeric transient identifiers you had in mind? You missed my point. I would not want someone to think that the guidance here in to relevant because the implementation uses a string variable. Russ -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
