> > So we could: > > > > 1. Say explicitly that opportunistic TLS is out of scope. > > 2. Or say explicitly that it is in scope, and with the same requirements as > "regular" TLS. > > 3. Or come up with a different set of requirements for opportunistic TLS. > > > > I tend towards #2, because: > +1. Simplicity is our friend here. > As an individual: +1 for the same reason. If needed, the BCP can be revised in the future. As a chair: when you mention the "opportunistic encryption/security" in the document for the first time, please, add the reference to the relevant draft https://datatracker.ietf.org/doc/draft-dukhovni-opportunistic-security/.
Thanks, Orit. _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
