Re: [Last-Call] Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice


 



On 17/12/20 20:47, Joseph Touch wrote:
[...]

I don’t think this is actually a practical problem, although I am curious to know if you know of new hardware for which it would be a problem. I will admit that ancient hardware might have trouble, but it probably won’t be updated, given the state of the art at present, so I don’t think such a device poses a serious problem.

What you add as a requirement ends up excluding as a platform. That’s the antithesis of Internet design.

Our document requires the spec to spell out the interop requirements for the IDs, analyze their sec/privacy implications, and suggest an algorithm (or more than one, if you wish) to generate them.


The point is that these are tradeoffs of *implementation*, and should not be described as protocol deficiencies.

The tradeoffs should be in your suggestions.

We devote to specs and have got the specification of transient numeric IDs for ages. I don't think anyone could realistically pretend implementers to go and do an assessment for each algorithm for each ID employed by a protocol -- the exception probably being OpenBSD.

Seriously. Anybody that has ever been involved in the stack of any open source project knows that.


--
Fernando Gont
SI6 Networks
e-mail: fgont@xxxxxxxxxxxxxxx
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



