> > As a chair: when you mention the "opportunistic encryption/security" > in the document for the first time, please, add the reference to the > relevant draft > https://datatracker.ietf.org/doc/draft-dukhovni-opportunistic-security/. > > Well, no. > > Opportunistic xxxxxx got a fair bit of discussion on the main IETF list > and what we have ended up with is opportunistic security. Opportunistic > encryption has yet to be defined; it makes no appearance in the I-D you > cite. > > Opportunistic TLS is defined in > http://www.ietf.org/id/draft-ietf-dane-smtp-with-dane-12.txt > but as a deprecated concept, to be replaced by the term > 'opportunistic DANE TLS' > which is regarded as a superior approach. > > It is tricky trying to coordinate terminology across different WGs:-( >
Tricky, but necessary. ;-) When applicable, all guidelines documented in the BCP are true for both "authenticated through TLS" and "opportunistic use of TLS " approaches. (The introduction of the lengthy "Applicability Statement" doesn't help to clarify that and might confuse the readers.) Therefore, let's keep a very short "applicability paragraph" capturing this fact in the Introduction and leave all further "TLS with OE/OS" discussion outside of this document. We have the "Opportunistic TLS" topic as one of the UTA potential deliverables, so we welcome the interested parties to write a separate draft on the subject taking into consideration the progress that has been made so far in the Security Area (i.e., https://datatracker.ietf.org/doc/draft-dukhovni-opportunistic-security/) Thanks, Orit. _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
