On Wed, Feb 26, 2025 at 1:49 PM Aaron Gable <aa...@letsencrypt.org> wrote:
>
>> Section 7.2 declares a new "Specification Required" registry. However, it
>> doesn't provide any advice to the Designated Experts, which is strongly
>> recommended by RFC 8126, Section 4.6.
>>
>
> Thank you for pointing this out! I've added some advice here, but the
> examples linked from RFC 8126 Section 4.6 don't seem to provide much
> guidance to their designated experts, so I feel like I'm flying somewhat
> blind here. Let me know what you think.
>
I think what you have in the PR is sufficient.
>
>> Why is the SHOULD in Section 4.3 only a SHOULD? When would you
>> legitimately do
>> something other than what it says?
>>
>> I have the same question about the SHOULDs in Sections 4.3.2, 4.3.3, and
>> 5.
>>
>
> These are good points. Most of these requirements already have other
> qualifiers ("reasonable"), so making these MUSTs makes sense. I've left
> just a few as SHOULDs, for example "clients SHOULD do exponential backoff"
> because a client may have some other reasonable non-exponential backoff
> scheme it prefers.
>
I think you took care of the ones that got my attention.
Ship it!
-MSK
_______________________________________________
Acme mailing list -- acme@ietf.org
To unsubscribe send an email to acme-le...@ietf.org
