On Sat, Jan 27, 2024 at 9:53 AM Eliot Lear <lear@xxxxxxx> wrote:
Want a messier example? An X.509 certificate. Geech.
That last one is interesting. I just use a "managed certificate", and I never even need to monitor it. It would be a little cheaper if I did it myself.
But I think the point here is that the expiry date is not helpful. What's it doing here? Of course, I'm going to cite some expired ones now.*
It doesn't tell you whether there's a newer one. Since, sometimes a new draft comes out every few weeks. For example, the -02 there is not expired by date.
Alternatively, it could be that the situation is "this looks pretty good, let's see what happens". Some WGs work that way. There are also some tough problems like HTTP and TLS (these are the ones I know), where the commonly cited RFC is usually the wrong one.
So, does a non-expiring I-D damage the RFC series? I think it's actually better, because then we don't need to publish informational ones about rejected approaches and such.
thanks,
Rob
*
