Hiya,
On 01/12/2024 19:26, Salz, Rich wrote:
Why has saag has been discussing itBecause sometimes there isn't a formal specification, RFC 9106 for example. Because CFRG has published many algorithms, some they invented, some not. Seehttps://datatracker.ietf.org/rg/cfrg/documents/
I think the above are true statements but not the reason why this is being discussed on saag. As I understand it, those reasons are: 1. some IETF participants would prefer (new) RFCs only document standards track things/things with IETF consensus 2. in many cases, we no longer need an RFC for IANA codepoints for cryptographic options in protocols esp. those that only need specification-required 3. some of the people with position #1 therefore conclude we should/must not have RFCs for cases falling in #2 To be clear: I'm not a person with position #1 and don't agree that #3 follows, nor is it always sensible. Its a debate that's been ongoing for some time and has reasonable arguments on various sides each of which has reasonable proponents. And to respond to mcr's earlier point: I think we do benefit from ambiguity in that it enables us to do the right thing in specific cases. Losing that flexibility would be a negative and wouldn't be worthwhile, esp if the fashion-pendulum wrt specification-required for cryptographic codepoints swung back at some future point. Cheers, S.
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ rfc-interest mailing list -- rfc-interest@rfc-editor.org To unsubscribe send an email to rfc-interest-le...@rfc-editor.org
