> 18 feb 2015 kl. 20:15 skrev Pete Resnick <presn...@qti.qualcomm.com>:
>
> On 2/18/15 1:08 PM, Leif Johansson wrote:
>>> 18 feb 2015 kl. 19:54 skrev Pete Resnick<presn...@qti.qualcomm.com>:
>>>
>>>
>>>> On 2/18/15 5:07 AM, Leif Johansson wrote:
>>>> The idea of making best practice sorta-kinda normative makes me a bit
>>>> queasy.
>>>>
>>> Let's not forget that a BCP *is* a community consensus document. It means
>>> that the IETF community has decided that we do things a particular way. A
>>> BCP *is* normative.
>>>
>>> I think it's quite reasonable for the document to say, "MUST NOT negotiate
>>> SSLv2" because doing otherwise causes harm to implementations and to the
>>> net in general. There are no Internet police. If you violate that MUST NOT,
>>> you don't go to jail. We're simply saying that they way to do security
>>> properly on the Internet is that you MUST NOT use SSLv2.
>>>
>>> So I don't have a problem with the document saying, "Existing protocols
>>> have tradeoffs to make between interoperability and security, so we (the
>>> IETF) expect those tradeoffs to be made. New protocols we (the IETF) expect
>>> to abide by the requirements and recommendations in this document unless
>>> they give some serious justification for not doing so." That's what we mean
>>> by a BCP.
>>>
>> hmm yeah sure
>>
>
> "During a lecture the Oxford linguistic philosopher J. L. Austin made the
> claim that although a double negative in English implies a positive meaning,
> there is no language in which a double positive implies a negative. To which
> [philosopher Sidney] Morgenbesser responded in a dismissive tone, 'Yeah,
> right.'"
>
> pr
hillarious :-)
I meant to express support unhindered by enthusiasm
>
> --
> Pete Resnick<http://www.qualcomm.com/~presnick/>
> Qualcomm Technologies, Inc. - +1 (858)651-4478
>
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
