Just to clarify, I have no objection to the original text by Peter. Cheers, Orit.
> -----Original Message----- > From: Leif Johansson [mailto:[email protected]] > Sent: Wednesday, February 18, 2015 11:19 AM > To: Peter Saint-Andre - &yet > Cc: Pete Resnick; Ralph Holz; [email protected]; [email protected]; Alissa > Cooper; > Orit Levin (LCA); Yaron Sheffer; [email protected]; IESG > Subject: Re: [Uta] Alissa Cooper's Discuss on draft-ietf-uta-tls-bcp-09: (with > DISCUSS and COMMENT) > > > > > > > 18 feb 2015 kl. 20:16 skrev Peter Saint-Andre - &yet <[email protected]>: > > > >> On 2/18/15 11:53 AM, Pete Resnick wrote: > >>> On 2/18/15 5:07 AM, Leif Johansson wrote: > >>> The idea of making best practice sorta-kinda normative makes me a bit > >>> queasy. > >> > >> Let's not forget that a BCP *is* a community consensus document. It > >> means that the IETF community has decided that we do things a particular > >> way. A BCP *is* normative. > >> > >> I think it's quite reasonable for the document to say, "MUST NOT > >> negotiate SSLv2" because doing otherwise causes harm to implementations > >> and to the net in general. There are no Internet police. If you violate > >> that MUST NOT, you don't go to jail. We're simply saying that they way > >> to do security properly on the Internet is that you MUST NOT use SSLv2 _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
