I think that a downward reference from to RFC 3325 from this document needs a bit of thought and consideration from the community as a whole. Quoting the abstract of RFC 3325: Abstract This document describes private extensions to the Session Initiation Protocol (SIP) that enable a network of trusted SIP servers to assert the identity of authenticated users, and the application of existing privacy mechanisms to the identity problem. The use of these extensions is only applicable inside an administrative domain with previously agreed-upon policies for generation, transport and usage of such information. This document does NOT offer a general privacy or identity model suitable for use between different trust domains, or use in the Internet at large. The document in question specifies normative behavior when these private extensions are encountered. I guess the argument for allowing the reference is that even when we cannot get some consensus to do something it is reasonable to have normative rules for how our standards interact with that something. How would we feel in similar situations? How would we feel if we had normative rules say for how AAA or other protocols interacted with PPPOE? How would we feel if someone tried to specify how some other IETF protocol interacted with a vendor protocol in a standards track document? If we would be comfortable with those situations then there's little to say. If we would be uncomfortable with those situations, I'd like to better understand how we think this is different and why we think this is a good idea. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf