I just noticed this draft: Commercial National Security Algorithm (CNSA) Suite Profile of Certificate Management over CMS https://tools.ietf.org/html/draft-jenkins-cnsa-cmc-profile-00 We had a discussion in the past where it seems a bunch of people thought that publushing RFC's with specific nation states profiles was no longer deemed neccessary or wise. It looks like this publication should be a FIPS document, not an RFC. This was for instance, discussed here: https://mailarchive.ietf.org/arch/msg/ietf/Gfo9si95rem3UtzGlEn9-AK22ro Some of the text is also very wrong, such as: NSA is publishing a set of RFCs, including this one, to provide updated guidance concerning the use of certain commonly available commercial algorithms in IETF protocols. The IETF publishes RFCs, not the NSA. It is another sign that this is the wrong venue for publishing what they want to publish. Paul
