Sent from my iPhone
> On Apr 3, 2015, at 3:16 PM, John Bradley <[email protected]> wrote: > > Yes it is good, though reading that BCP may scare off implementers who will > just ignore it. > > We may still want to give the current advice of >= tls 1.2 at the point of > publication see BCP xx for additional considerations. > I think it's fine to do that. Using the recommended version as the base at time of publication with a pointer to the BCP is appropriate. Thanks, Kathleen > John B. > > > Sent from my iPhone > >> On Apr 3, 2015, at 2:57 PM, Hannes Tschofenig <[email protected]> >> wrote: >> >> I learned something new: we can reference a BCP (instead of an RFC) and >> even if the RFC gets up-dated we will still have a stable reference. >> (See Stephen's response to my question below). >> >> This is what we should do for our documents when we reference TLS in the >> future. We would reference the yet-to-become BCP (currently UTA-TLS >> document) and we essentially point to the recommended usage for TLS >> (version, ciphersuite, everything). >> >> Isn't that great? >> >> -------------------------------------------------------- >> >>> On 02/04/15 19:09, Hannes Tschofenig wrote: >>> Hi Stephen, >>> >>> if I understand it correctly, you are saying if we reference a BCP # >>> (instead of the RFC) then a revised RFC will get the same BCP #. I have >>> never heard about that and if that's indeed true that would be cool. I >>> might also have misunderstood your idea though. >> >> Yep, that's it. XML2RFC makes it hard but you can do it, worst >> case via an RFC editor note >> >> S. >> >> >> >> >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
