As you correctly point out, IETF processes differ significantly from WG to WG, and occasionally IETF doesn’t live up to the standards it claims to uphold, for various reasons. I haven’t been closely following your experiences with ACME, but I apologize if you feel that they were not handled to your satisfaction, and if I can help with that in any way with that I’m willing to do so.
If people feel that filing errata is not worth their time, that is their choice to make. However, even if the errata is never incorporated into an update, it’s still useful documentation to have. For example, the 6844 errata were even referenced in the BRs long before they ever got put into 6844-bis. Many of the IETF RFCs (including RFC 5280!) have published errata that are quite useful. I happen to know that both of the LAMPS chairs (I’m one) are pretty familiar with RFC 5280, and if there are important errors to call out, we’d certainly be interested in seeing that done. It’s an important RFC. I’m dancing around the merits, because I don’t want to comment on a topic that might come to LAMPS in the near future, but I do want to reiterate, if you think that there is something wrong with RFC 5280, I’d appreciate if people would file errata, and we can take things from there. -Tim From: 'Rob Stradling' via [email protected] <[email protected]> Sent: Friday, October 7, 2022 1:13 PM To: Tim Hollebeek <[email protected]> Cc: [email protected]; Aaron Gable <[email protected]>; Corey Bonnell <[email protected]> Subject: Re: CRL partitioning and IDPs Hi Tim. That's the theoretically correct process, but... Is filing an erratum actually worth the effort? I filed a bunch of errata against RFC8555 (ACME) several years ago (https://www.rfc-editor.org/errata_search.php?rfc=8555&rec_status=0), but despite several attempts (on-list requests, private messages to doc authors, and private messages to A-Ds) I have been unable to persuade anyone to even begin the "IETF process" that should "take care of it". Given that experience, ISTM that an erratum filed against RFC5280 would probably also fall into a black hole. ________________________________ From: 'Tim Hollebeek' via [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Sent: 07 October 2022 17:30 To: Aaron Gable <[email protected]<mailto:[email protected]>>; Corey Bonnell <[email protected]<mailto:[email protected]>> Cc: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Subject: RE: CRL partitioning and IDPs CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you think there is a bug in RFC 5280, please file an errata and let the IETF process take care of it, instead of coming to your own independent conclusion. -Tim I think it is totally reasonable to conclude that RFC 5280's "within the scope of the CRL" language is a bug. -- You received this message because you are subscribed to the Google Groups "[email protected]<mailto:[email protected]>" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/SJ0PR14MB5489EFE496E0ABE381BA6607835F9%40SJ0PR14MB5489.namprd14.prod.outlook.com<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fa%2Fmozilla.org%2Fd%2Fmsgid%2Fdev-security-policy%2FSJ0PR14MB5489EFE496E0ABE381BA6607835F9%2540SJ0PR14MB5489.namprd14.prod.outlook.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Crob%40sectigo.com%7C63f9baf170c14c12d5d908daa8813322%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638007570129305582%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=cr%2B89lCmN0KqlEDATve%2Bzo%2FivAyGjwA2a1IJiOlnBUM%3D&reserved=0>. -- You received this message because you are subscribed to the Google Groups "[email protected]<mailto:[email protected]>" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB4729F3A7356AEBD37C087047AA5F9%40MW4PR17MB4729.namprd17.prod.outlook.com<https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB4729F3A7356AEBD37C087047AA5F9%40MW4PR17MB4729.namprd17.prod.outlook.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/SJ0PR14MB5489EB7598BC1744A65592A7835F9%40SJ0PR14MB5489.namprd14.prod.outlook.com.
