On 12/30/2019 10:54 PM, Rob Sayre wrote:
"Organizations SHOULD weigh the advantages of publishing this file versus the possible disadvantages and increased resources required to triage security reports."
We *really* need to stop treating humans as protocol elements when describing how a protocol works or should work. Placing similar guidance in the security consideration section might be a useful thing. Using RFC2119 language to constrain or guide the behavior of non-computers is probably no better than wishful thinking.
Later, Mike -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
