> (2) By making TCP-AO/TLS "RECOMMENDED", this document is not in line with > RFC5440, where only TCP-MD5 is mandatory. I don't think the intent of > this document is to Update RFC5440, is it? Also, why would the > recommendations for this extension be different than those in > draft-ietf-pce-stateful-pce (which doesn't go beyond what RFC5440 > mentions)? If you do keep the current recommendation, then > draft-ietf-pce-pceps should be a Normative reference.
It is (should be?) clear that moving PCEP on beyond MD5 is a Good Thing. Ideally, everyone just gets on with it and the security update is handled by draft-ietf-pce-pceps. But that I-D is chugging along in the WG for some reason. Do we want: 1. All output from the WG to be blocked waiting for draft-ietf-pce-pceps? 2. All I-Ds to continue to say "just do MD5 per RFC 5440"? 3. To write sensible text in the Security Considerations and get on with life? Adrian _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
