On 10/17/2012 08:23 PM, John C Klensin wrote: > * A protocol specification that has the appearance of being > solely the product of a single vendor or other organization is > inherently dangerous and dangerous to the IETF, not just the > particants. Problems can arise if a standards body rubber-stamps > a one-organization specification, especially if that > organization gains an advantage from standardization of its > technology. I'm with Dave on this one. I don't believe we should feel any need whatsoever to fiddle with, or to look like we've fiddled with, something that's already good, nor ought we offer guidance to that effect. If I recall correctly, HMAC (rfc 2104) is a fine counterexample to the need-to-fiddle claim. The Internet is better because we adopted what looks like that one-vendor specification and we shouldn't feel like that's a problem, when it just isn't. So I don't see a need for any such addition to the FAQ. S.