At 09:52 31/08/00, Brian E Carpenter wrote:
I don't see any need to tweak the wording or the interpretation.
Brian
All,
I agree with Brian and Harald and others. There is no
need to tweak things. Nothing is broken. There is no real
process problem with having LDAP depend on MD5 even though MD5
is described in an Informational RFC.
We don't (and could not) have the power to change the
MD5 specification. The IETF is not deep in the kinds of
crypto algorithm expertise that would be appropriate for
standardising a crypto algorithm (though for IETF to
standardise the *application of a given crypto algorithm to
some IETF protocol* seems emininently reasonable).
We have enough real technical issues to deal with in
the IETF. It isn't constructive to create new non-technical
issues that we don't need to have, IMHO.
Ran
rja(_at_)inet(_dot_)org