The goal of this particular exercise is to advance RFC 3852 *without*
revision, so I called out the normative references as specified in the
document: RFCs 3280 and 3281. It is true that RFC 3280 has been
obsoleted by RFC 5280, and that draft-ietf-pkix-3281update is intended
to update 3281. (Both documents cycled/are cycling at Proposed, so
they would still be downrefs even if we submitted a 3852bis to address
the references.) And, yes this makes it more confusing to determine
whether a downref is appropriate.
I would personally factor the clarifications in RFC 5280 in my
evaluation of the downrefs, since I would use it as the basis for any
new implementation of 3852, but would not consider 3281update since it
is still a working document and subject to change.
To me, the question for the community is whether RFC 3852 achieves the
expected characteristics of a Draft Standard (as described in 2026) in
spite of these downrefs:
A Draft Standard must be well-understood and known to be quite
stable, both in its semantics and as a basis for developing an
I believe the implementation report adequately demonstrates RFC 3852
*in its totality* is well-understood and provides a stable basis for
developing interoperable implementations. To my mind, this makes
advancement appropriate in spite of the two downrefs.
On Apr 27, 2009, at 12:15 PM, Alexey Melnikov wrote:
The IESG wrote:
The IESG has received a request from the smime WG (smime) to
consider the following document:
Speaking as a member of the IETF community I find the question
confusing, considering that both documents were obsoleted (or just
about to be obsoleted in case of RFC 3281). Shouldn't this be RFC
5280 and draft-ietf-pkix-3281update-04.txt?
- 'Cryptographic Message Syntax (CMS) '
RFC 3852 as a Draft Standard
No technical issues were raised during the first Last Call.
Last Call failed to highlight two normative references to standards
documents of lower maturity: RFCs 3280 and 3281.
This abbreviated Last Call is focused solely on whether downrefs to
Proposed Standards are appropriate in the context of RFC 3852.
Ietf mailing list
Ietf mailing list