Quoting Miguel Garcia:
| I have a comment with respect the normative statements that appear in
| towards the end of Section 4, using the terms "RECOMMENDED" and "NOT
| RECOMMENDED". The text I refer to is this one:
|
| Further, deployment of SNMP versions prior to SNMPv3 is NOT
| RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
| enable cryptographic security.
|
| I think the text is speaking about *deployment*, not about
| *implementation* of a feature. RFC 2119 only considers implementation,
| but not deployment issues, so in my opinion the upper case should not
| apply. Additionally, please notice that RFC 2119 does not define the
| term "NOT RECOMMENDED", so, it certainly has little meaning in uppercase.
This text is from a boilerplate, which is recommended for use by
"Security Guidelines for IETF MIB Modules" on
http://www.ops.ietf.org/mib-security.html
(suggested in BCP 111, RFC 4181, App. A (4))
The text has been copied verbatim, and the same paragraph appears in other
(MIB-related) RFCs as well, e.g.
* RFC 3584, sec. 8
* RFC 4069, sec. 6
* RFC 4044, sec. 10
* RFC 4318, sec. 8
I can see your point but it creates a conflict with regard to the suggestions
of Appendix A in RFC 4181. Please let us know if we can improve this or whether
this is a more general issue regarding security statements.
Best regards
Gerrit Renker
_______________________________________________
Gen-art mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/gen-art
