Personally, I think it would be less confusing for everyone involved if
this document is Standards Track (and "updates 5996").

Whether we deprecate the old format depends IMO on the level of
implementation/use of the old format. I would like to hear from people
who care about the old format (i.e. who have it in products, and do not
intend to move quickly to the more general solution if it is
standardized). If we don't hear any screams, then I definitely support
deprecating it.

Thanks,
Yaron

On 19.10.2012 12:50, Tero Kivinen wrote:
> Sean Turner writes:
> > Gotta ask: Should this draft update RFC 5996? On the one hand, it's
> > optional and existing implementations don't need to support it. On the
> > other hand, if you're really trying to deprecate the old RSA raw key
> > format shouldn't it update the base doc?
>
> If we want to deprecate the old raw RSA keys, then I think this
> document needs to be standard track, and it needs to update RFC 5996.
>
> If we just add a new format for raw public keys, and both old raw RSA
> certificate format and this new format then I think it can be
> informational and there is no need for this document to "Update" the
> RFC5996. Our previous additions to the IKEv2 have not updated the base
> spec (redirect, resumption, IPv6 address configuration, password
> authentication, high availability, childless etc). The EAP only
> authentication does update RFC5996.
>
> So the answer really depends on which way the WG wants this document
> to go...
>
> > Could add an informative reference to RFC 5480 in App A for the 04 byte
> > to indicate it's uncompressed. But, it's not absolutely necessary.
>
> Done.