Thank you. I was also looking for an RFC - if any -which documents why.
There is RFC3552 which is the Security Considerations Best Practices but it doesn't answer the WHY question.
Sal
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf