> On Aug 7, 2019, at 7:01 AM, Fernando Gont <[email protected]> wrote: > > On 7/8/19 16:30, Joe Touch wrote: >> Things that don’t work aren’t always either deprecated or security attacks. >> >> And if we treat them as such, the remainder won’t be useful to anyone for >> anything. > > What I meant is that, whether one likes it or not, at the point > something does not work (for some meaningful level of failure rate), you > cannot rely on it anymore. (that wrt the "deprecated" (in a colloquial > way) bit). > > Regarding security, there are times in which things don't work because > vendors did such a poor job that supporting a given feature opens your > networks or devices to attack. Particularly when a feature is not widely > employed (if at all), it's not surprising that ops people resort to > blocking the feature. > > Not that I necessarily like it, but that's what reality seems to indicate.
Sometimes they indicate bugs — often that we ought to encourage be fixed. Otherwise, as I’ve said before and again above, we end up with the least of everything. In this case, warning people that things might not work isn’t the same as “should avoid” or “don’t use”. It could be as simple as “check before relying on”, but let’s face it - the Internet is *best effort* throughout anyway, so even needing to say that seems redundant. To the IESG: wordsmithing this document is a bad idea unless it comes with a substantial revision explaining the impact of stronger warnings AND is taken back to the WG for consensus. Joe
_______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
