On 18 Mar 2025, at 11:53, Salz, Rich wrote: >> So, again: This draft should either be expanded to say what TLS clients and >> servers and configuration SHOULD / MUST do with D-level components, or tell >> readers why it is not. Telling developers "go look at every doc that is >> liked from a D-level spec" is likely to cause them to not do so, and the >> result will be insecure implementations and lack of interoperability. > > I think it is good that the draft says “we discourage” and that’s good > enough. The whole point of saying discouraged is that it doesn’t rise to the > level of SHOULD NOT.
Ah! If that's what the TLS WG agrees on, it is a simple thing to add to the draft so that the reader understands the context of "discouraged". --Paul Hoffman _______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
