"Roy T. Fielding" <fielding@xxxxxxxx> writes: >> The document has a reference to obsolete RFC 2616, this is intentional. > > What is that supposed to mean? The reference is intentionally wrong? RFC 7252 is referencing RFC 2616 for its security considerations, because the RFC 723x series wasn't out yet at the time CoAP was completed. draft-ietf-core-etch references RFC 7252 for its security considerations. This implies a reference to RFC 2616 as well, which we decided to make explicit (it's hard to be explicit enough about security considerations). We could change that to leave it implicit, rendering the downref less visible. > I looked at the text and it should be referencing section 9 of RFC7231, > not section 15 of RFC2616. Just fix the reference or remove it entirely While we could add RFC 7231 to the above reference (which, as I said is already implicitly there), a single security considerations section out of one of the RFC 723x documents does not cover the entire security considerations of RFC 2616 (e.g., section 15.7 does very much apply, some of which seems to have been moved to RFC 7234). Do you see anything specific in RFC 7231 that we should cover that isn't mentioned in RFC 2616? We could use draft-ietf-core-etch more or less randomly as the point where we finally clean up the editorial issues caused by the sharding of RFC 2616. The authors so far did not see a reason to do that exactly in this document, which describes functionality not really touched by that sharding. Should we, anyway? Gruesse, Carsten