Yes it is good, though reading that BCP may scare off implementers who will just ignore it.
We may still want to give the current advice of >= tls 1.2 at the point of publication see BCP xx for additional considerations. John B. Sent from my iPhone > On Apr 3, 2015, at 2:57 PM, Hannes Tschofenig <[email protected]> > wrote: > > I learned something new: we can reference a BCP (instead of an RFC) and > even if the RFC gets up-dated we will still have a stable reference. > (See Stephen's response to my question below). > > This is what we should do for our documents when we reference TLS in the > future. We would reference the yet-to-become BCP (currently UTA-TLS > document) and we essentially point to the recommended usage for TLS > (version, ciphersuite, everything). > > Isn't that great? > > -------------------------------------------------------- > >> On 02/04/15 19:09, Hannes Tschofenig wrote: >> Hi Stephen, >> >> if I understand it correctly, you are saying if we reference a BCP # >> (instead of the RFC) then a revised RFC will get the same BCP #. I have >> never heard about that and if that's indeed true that would be cool. I >> might also have misunderstood your idea though. > > Yep, that's it. XML2RFC makes it hard but you can do it, worst > case via an RFC editor note > > S. > > > > > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
