Watson,
> On 17 Mar 2021, at 06:57, Watson Ladd <watsonbl...@gmail.com> wrote: > > On Mon, Mar 15, 2021, 2:59 AM Eliot Lear > <lear=40cisco....@dmarc.ietf.org> wrote: >> >> Architecturally, Rich is nailing it. We should be encouraging the use of >> SANs. However, use of SANs beyond the scope of the web may not be entirely >> ubiquitous, and so we should either be a bit more targeted, or slow roll >> the other uses with some backward compatibility language. Personally I like >> the latter approach. We shouldn’t hold up deprecation across the web due to >> the other uses, but we should encourage those other uses to move off of >> subject. > > Every discussion of depreciation I've been in in the IETF seems to go > the same way: no matter how gentle the prohibition we get complaints, > and meanwhile people don't notice what's disfavored, in part because > of the earlier requests to not forbid things making the indications of > future disfavor too soft. The alternative view is that we shouldn’t break stuff or write edicts we know will be ignored. AR certs are burned into products. They’re NEVER going to change, and some code in some contexts need to expect them. That includes, by the way, in all likelihood, the smart meter providing your house electricity. Not everything is apache or a browser that you can take an auto-update and simply get away from bad code. The world is a complex place. > > The IETF needs a way to depreciate, and the way to do that is to > signal clearly that something has problems, Yes. > which nothing short of > MUST NOT seems to get across. Why would you think that in this case? The IEEE has been remarkably good at tracking our work, as have a great many other organizations, but for uses you’ve never considered. That’s why code like OpenSSL is deployed in places you’ve never heard of. And while you’re right, we’re not the protocol police, it’s bad when we give developers advice they simply cannot follow because they live in the real world. Eliot
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
