On 11/07/17 20:01, Michael StJohns wrote: > Basically, 2804 is woefully out of date with respect to the current > state of the world.
As I said before I do think the authors of this draft should indeed have said that it needs to obsolete 2804 as that is required for them to get the standards track status that they requested in the draft header. I also think that's going about things arseways - if 2804 needs to be updated, that should happen first. And for the current discussion, if the WG consensus is (as it ought be) to not adopt this draft based on 2804, then there is an IETF-level (and not TLS WG level!) question as to how to handle drafts that are inconsistent with 2804 - ISTM that 2804 only envisages those being sent to the ISE and not being IETF work items at all, otherwise the IETF would indeed be developing wiretapping specifications which is clearly and obviously not what 2804 says. And that matches my recollection of the debate at the time, but I've not gone back to the raven archive to check. (And 2804 pre-dating RFC streams won't help there I'm sure in terms of clarity.) So I'd also object to this WG attempting a supposed "compromise" of pursuing an informational RFC as a work item. Doing do would create an almost certainly huge but repeated debate on this aspect during such a WG process and during IETF last call. That specific question could maybe be figured out via an IESG note, and might not need a full-on 2804bis debate, not sure. No doubt such a debate would be a non-trivial undertaking, but if we could reach a new consensus on a 2804bis that strengthened Internet security and privacy, that would be a good thing. (I'm not sure if folks would really be up for that though.) S.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
