Hi Rich,

On Thu, May 29, 2025 at 03:15:42PM +0100, Salz, Rich wrote:
The downside of Standards Action is that it makes experimentation much more difficult. (Yes, you could address that by setting aside a range for experimentation.) But is the concern really all that great? In order for it to materially affect the operation of the Internet, multiple parties would have to implement and enable it.
The codepoint space is relatively large. We could easily carve out a block for experiments.
What is the real concern about someone defining a whole new sub-protocol for DTLS? My view is “so what.” If it works, and it’s better (by some metric(s)), great. If it fails, it’s only a subset of users of one implementation that will feel the effects, until it’s disabled.
I have no concerns with that; I simply want to ensure that we have a process that minimises the risk of inadvertent introduction of a feature that interacts poorly with the rest of the protocol machinery. Opting for Standards Action appears to be more effective in terms of a) distributing load and responsibility, b) ensuring the appropriate amount of scrutiny.
Note that expert review requires an available specification, and all other TLS registries are expert review. Is this one really all that special?
This is not the typical "algorithms" registry. Expert review, in this case, needs cross-area expertise (WIT & security), which significantly narrows the candidate pool. (We could address this with DEs from different paths of life collaborating in tandem.)
Perhaps it’s worth having an explicit consensus call around this issue,
Makes sense to me. cheers!
as opposed to a change made in response to a WGLC review.
_______________________________________________
TLS mailing list -- tls@ietf.org