On 8/7/2016 5:57 PM, Kyle Rose wrote:
> On Sun, Aug 7, 2016 at 1:43 PM, Joe Touch <[email protected]
> <mailto:[email protected]>> wrote:
>
> > * Implementations SHOULD provide forward secrecy. The important point
> > is that the TEPs MUST be amenable to forward secrecy.
> That MUST turns the SHOULD into a MUST too.
> > We didn't say
> > MUST for the implementation because that may not always be
> > possible--e.g., implementation considerations may someday require
> > keying material to be shared across servers or with a
> load-balancer or
> > something. We don't want to say you can't implement TCP-ENO under
> > such circumstances, but we want people to think long and hard
> about
> > the implications for confidentiality.
> That consideration is too vague to weaken a MUST into a SHOULD, IMO.
>
> Why not "MUST provide forward secrecy" and indicate that any future
> sharing is viable only when it preserves forward secrecy?
>
> I'm not sure we should constrain the protocol on the grounds of
> preference.
FWIW, I don't care what you pick, but there's no MUST in this doc that regards this preference. The MUST needs to apply either to a specific protocol mechanism (flag, option, etc.) or a TEP configuration constraint. "amenable" isn't something a protocol implementer or designer can act on easily.

Joe
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
