On Aug 10, 2015, at 10:23 AM, Paul Hoffman
<paul(_dot_)hoffman(_at_)vpnc(_dot_)org> wrote:
On 10 Aug 2015, at 10:13, The IESG wrote:
The IESG has received a request from an individual participant to make
the following status changes:
- RFC1984 from Informational to Best Current Practice
(IAB and IESG Statement on Cryptographic Technology and the Internet)
The supporting document for this request can be found here:
https://datatracker.ietf.org/doc/status-change-rfc1984-to-best-current-practice/
Yes, please. What was discussed in 1996 really is a best practice today, and
it has certainly been made the current practice.
--Paul Hoffman
Umm, the document is specifically worded as a position statement from the
IAB and IESG. There is no "current practice" described by it. Rather, it is an
argument against key escrow and limited key sizes; a sort of anti-pattern for
an old practice.
I'd rather it be left as an informational document, as it was approved, and
a new BCP be produced that explains current best practices regarding minimum
key sizes, currently-safe algorithms, etc. Something that isn't tied to a
specific protocol (unlike TLS 1.3).
....Roy