On Thu, Apr 11, 2019 at 12:20:21PM -0400, Warren Kumari wrote: > [ - IESG (for clutter), Bob & Tim (through DNSOP / Chairs respectively) ] > > > On Tue, Apr 9, 2019 at 7:55 AM Paul Wouters <[email protected]> wrote: > > > On Fri, 5 Apr 2019, Bob Harold wrote: > > > > [ SNIP ] > > > > > In a similar vein, if we stay at PS, a lot of the references seem > > like > > > they would need to move from Informative to Normative, since to > > > implement the various MUST-level algorithms you have to follow > > those > > > references. > > > > I would not say those references are normative in that sense. You don't > > HAVE to read how GOST is specified to not implement it. > > > > > Perhaps, but there are still lots of Informative references which > implementers would need to read. For example: > > RFC5702, RFC6605: > 8 RSA/SHA-256 RSASHA256 Y * [RFC5702] > 10 RSA/SHA-512 RSASHA512 Y * [RFC5702] > 13 ECDSA Curve P-256 with SHA-256 ECDSAP256SHA256 Y * [RFC6605] > > RFC4509: > 2 SHA-256 MANDATORY [RFC4509] > > It is a simple matter to make these Normative....
I'll also note (sic) that note 1 at https://www.ietf.org/blog/iesg-statement-normative-and-informative-references/ says: Even references that are relevant only for optional features must be classified as normative if they meet the above conditions for normative references. -Ben _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
