there is little issue with referring to standards from elsewhere
(see sec 7) even if the standard is published as an info rfc
I believe this has been the reasoning behind acceptance of MD5 and
HMAC in the past.
but just because somone says that a info RFC has a particular type of
content does not mean that it gets any special treatment
It has traditionally been left to IESG (not just "someone") to decide
whether a particular document (whether an Informational RFC or not)
qualifies as an external standard according to section 7 of RFC 2026.
The only problem with this is that the IESG discussion on a particular
external standard can get repeated each time IESG is asked to review
a candidate for the IETF standards track which references such an