On 5/18/07, Robert Sayre <sayrer(_at_)gmail(_dot_)com> wrote:
I think the substituted text is inadequate, because it is not clear
which TLS version implementors MUST support. As I understand it, the
fact that it is "tricky", implying there may be trade-offs, is not
sufficient to avoid specifying a single, mandatory-to-implement TLS
version.
Well Rob, I think the community at large and the IESG in particular
would welcome suggestions on what to do with this one. In fact, we
know what's going to happen: implementors will use the default TLS
library for whatever platform they're on, and this will do the job,
most times. However, I think that we have better-than-rough consensus
that the specification landscape is a mess, making normative
references a bitch, and that this will probably bite nearly
everything in the Apps area from here on in.
I hope someone with the necessary expertise will take this bull by the
horns. -Tim
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf