Re: [dane] Last Call: <draft-ietf-dane-protocol-19.txt> (The DNS-Based Authentication of Named Entities (DANE) Protocol for Transport Layer Security (TLS)) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On 12. 4. 2012, at 9:11, SM wrote:
> > At 18:41 11-04-2012, The IESG wrote:
> >> The IESG has received a request from the DNS-based Authentication of
> >> Named Entities WG (dane) to consider the following document:
> >> - 'The DNS-Based Authentication of Named Entities (DANE) Protocol for
> >>   Transport Layer Security (TLS)'
> >>  <draft-ietf-dane-protocol-19.txt> as a Proposed Standard
> >>
> >> The IESG plans to make a decision in the next few weeks, and solicits
> >> final comments on this action. Please send substantive comments to the
> >> ietf@xxxxxxxx mailing lists by 2012-04-25. Exceptionally, comments may be
> >
> > In Section 1.2:
> >
> > "This document applies to both TLS [RFC5246]"
> >
> > Does this mean that DANE is not applicable for TLS 1.1?

> RFC4346 (TLS 1.1) has been obsoleted by RFC5246.  We cannot make references
> to obsoleted documents.  As a side note, we don't say "to both TLS 1.2", but
> just TLS.

I have no involvement with DANE or the rest of this debate, but I wanted to
point out that this simply isn't true. IDNits warnings to the contrary
notwithstanding, references to obsoleted specifications are not only allowed,
but in some cases absolutely required. 

It all depends on what the reference is for. If you're making a normative
reference to some protocol element that's supposed to interoperate with
current versions, you need to reference the latest version.

If, however, as in this case, you're talking about interoperating with multiple
versions of TLS, you really need to reference the specifications you intend to
support. Because otherwise readers are going to assume that you only mean TLS
1.2 here, irrespective of whether or not you omit the specific version in
prose.

				Ned


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]