[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re:-ipsec-pki-req-03 - intro

To: ipsec@lists.tislabs.com
Subject: Re:-ipsec-pki-req-03 - intro
From: Rodney Thayer <rodney@ssh.fi>
Date: Wed, 27 Oct 1999 12:15:04 +0200
Sender: owner-ipsec@lists.tislabs.com

This is a DRAFT.  It's not an RFC.  It's not a BCP.
One of the very disturbing things about the IPsec RFC's
is that I find, in my travels, that there are people out
there reading them as the gospel truth, including the
really lame stuff.

So, labelling this with the truth, i.e. the fact it's
not terribly synchronized, is ADDING value for implementors,
in that it tells them this is unstable.

Many many many labor-hours were wasted over many years
in the IPsec communities because drafts were unstable and
therefore, we had implementations that were severely
jerked around because of this sort of things.

So I thing the addition of warning labels is appropriate.

>From: Brian Korver <briank@network-alchemy.com>

>Greg Carter writes:

>> >From 1. Introduction, first paragraph:
>> 
>> "Note that many IPsec implementers are not completely happy with the PKIX
>> documents and procedures, but have agreed to use the PKIX protocols because
>> they are supported in other contexts and have a significant market share."
>> 
>> and last paragraph
>> 
>> "(It is noted that the fact that the two documents differ does not give
>> great confidence to the IPsec community or other users of the PKIX
>> protocols.)"
>> 
>> Both of these, whether or not true, are opinions and don't really do
>> anything to help implementers beside adding confusion.  I would suggest
they
>> be taken out for clarity.

Prev by Date: Re: Comments on CRACK
Next by Date: Re:-ipsec-pki-req-03 - subject/subjectAltName
Prev by thread: CRLs
Next by thread: Re:-ipsec-pki-req-03 - subject/subjectAltName
Index(es):
- Main
- Thread