Hi Scott, On 07.08.24 14:15, Hollenbeck, Scott wrote:
*From:* kowa...@denic.de <kowa...@denic.de> *Sent:* Wednesday, August 7, 2024 4:15 AM*To:* Hollenbeck, Scott <shollenb...@verisign.com>; a...@hxr.us; orie@transmute.industries*Cc:* regext@ietf.org*Subject:* [EXTERNAL] Re: [regext] Re: I-D Action: draft-ietf-regext-epp-delete-bcp-07.txtHi Scott, > > -07 restructured the section 6 so that the 2 issues appeared: > > > > 1) removed preamble and paragraphs so that current and proposed > > practices were set as equal choice to implementers >> [SAH] This was done to address feedback we received from Orie after he read -06. It's based this text found in Section 5 of RC 2026:Apart from the feedback above I don't see my point addressed or a valid argument why it should not be of concern.I take a point of Andy about having something to enforce and it could have been achieved without structural change to section 6. The changes in -07 address the need in a misleading and confusing way.*/[SAH] I don’t think that’s the case at all. I’ve already agreed that the “EPP Servers MUST” sentence needs to be changed to “EPP clients and servers MUST”. The restructuring of Section 6 that was done in -07 preserves the identification of practices that have been observed in use and those that haven’t by directly referencing the descriptions found in Section 5. -07 straightforwardly identifies what are believed to be the three best practices in a way that directly aligns with RFC 2026. If it helps, we could make the “belief” part clearer by changing the first sentence in Section 6 from this:/**/“The practices in this section address operational risks with minimal undesired side effects.”/**/to this:/**/“The practices described in this section are believed to address operational risks with minimal undesired side effects.”/*
This is not my point.I'm missing an equivalent to the following part of -06, in particular the 2nd sentence: The "Best Proposed Practices" have not been observed in operation. The analysis presented in this document suggests that they could become best practices if deployed.
My proposal would be to add the following sentence before proposals 2&3 in the -07 variant: "The following practices have not yet been observed in operation however the analysis presented in this document suggests that they could become best practices if deployed:"
Kind regards, Pawel
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ regext mailing list -- regext@ietf.org To unsubscribe send an email to regext-le...@ietf.org
