I prefer Undefined over Uninitialized and therefore use Undefined below. > > what will an operator do differently for these two shades of grey? >
The "Undefined" state is most likely to change shortly after assigned. If processed as "NotFound" and selected but validated as "Invalid" it would have to be withdrawn right away. A well-defined temporary state such as "Undefined" allows scripting policies such as "Ignore until validation state is available" > what is the trust difference? > "FotFound" is a well-defined state within the Cache. It gives a clear answer about the content of the cache. It is what it is, no information found in the cache. "Undefined" on the other hand tells me that currently no cache information is available and I simply don't know if it is "NotFound", "Valid", or "Invalid" - I personally have some trouble just assuming a state. > was this perhaps discussed extensively before? what did the security folk > tell us in that discussion? > I don't remember this topic being discussed publicly but at NIST, we spend some time around this topic. And as one of the previous emails shows, at least one other implementation next to ours independently introduced this state. > randy Oliver _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
