[OAUTH-WG] Referencing TLS

Hannes Tschofenig <hannes.tschofenig@gmx.net> Fri, 03 April 2015 17:57 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A156E1ACE7C for <oauth@ietfa.amsl.com>; Fri, 3 Apr 2015 10:57:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qwBx1q4ioaNW for <oauth@ietfa.amsl.com>; Fri, 3 Apr 2015 10:57:31 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9E931ACE77 for <oauth@ietf.org>; Fri, 3 Apr 2015 10:57:30 -0700 (PDT)
Received: from [192.168.131.146] ([80.92.114.249]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0MBVwM-1YlH7m3HOg-00AZMc for <oauth@ietf.org>; Fri, 03 Apr 2015 19:57:28 +0200
Message-ID: <551ED488.7000101@gmx.net>
Date: Fri, 03 Apr 2015 19:57:28 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: "oauth@ietf.org" <oauth@ietf.org>
References: <551DADCB.9040803@cs.tcd.ie>
In-Reply-To: <551DADCB.9040803@cs.tcd.ie>
OpenPGP: id=4D776BC9
X-Forwarded-Message-Id: <551DADCB.9040803@cs.tcd.ie>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="5FHd7IQvUtFkPuKmWDULkSJbc7uiSBfQf"
X-Provags-ID: V03:K0:um0CVySg+nLef3Ld0JWfPGxdOLi5H6OE6pR/kVcmrxeQolFrheS TWB+20jVxGwDc7rVylrPRupVhfCi5tna6zxCnXwYHrovu2b/MIClh2GZ3Oqul1QIW8MjXsd vX017YdoU1DhGB/r/5GtvF1kRTDyYv96Avtl9mXqqV3ZkIh+T53+r4noQUyu10FZ+QuwfY0 zQjeMX1r74UPOLwPT3xdQ==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/yNN0LysKdo3NyL8qt4MSFS4osSA>
Subject: [OAUTH-WG] Referencing TLS
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2015 17:57:32 -0000

I learned something new: we can reference a BCP (instead of an RFC) and
even if the RFC gets up-dated we will still have a stable reference.
(See Stephen's response to my question below).

This is what we should do for our documents when we reference TLS in the
future. We would reference the yet-to-become BCP (currently UTA-TLS
document) and we essentially point to the recommended usage for TLS
(version, ciphersuite, everything).

Isn't that great?

--------------------------------------------------------

On 02/04/15 19:09, Hannes Tschofenig wrote:
> Hi Stephen,
> 
> if I understand it correctly, you are saying if we reference a BCP #
> (instead of the RFC) then a revised RFC will get the same BCP #. I have
> never heard about that and if that's indeed true that would be cool. I
> might also have misunderstood your idea though.

Yep, that's it. XML2RFC makes it hard but you can do it, worst
case via an RFC editor note

S.

>