*
Again, this isn't what Recommended=Y/N means in the context
*
of TLS. Rather, it means that it's generally OK, which is why we have
*
four separate recommended EC curves.
It seems like it’s worth quoting the meaning as clarified in 8447bis, which is
in the RFC editor’s queue. (TL;DR — okay to use, not mandatory to implement)
Y: Indicates that the IETF has consensus that the item is
RECOMMENDED. This only means that the associated mechanism is fit
for the purpose for which it was defined. Careful reading of the
documentation for the mechanism is necessary to understand the
applicability of that mechanism. The IETF could recommend
mechanisms that have limited applicability, but will provide
applicability statements that describe any limitations of the
mechanism or necessary constraints on its use.
N: Indicates that the item has not been evaluated by the IETF and
that the IETF has made no statement about the suitability of the
associated mechanism. This does not necessarily mean that the
mechanism is flawed, only that no consensus exists. The IETF
might have consensus to leave an items marked as "N" on the basis
of its having limited applicability or usage constraints.
D: Indicates that the item is discouraged. This marking could be
used to identify mechanisms that might result in problems if they
are used, such as a weak cryptographic algorithm or a mechanism
that might cause interoperability problems in deployment. When
marking a registry entry as “D”, either the References or the
Comments Column MUST include sufficient information to determine
why the marking has been applied. Implementers and users SHOULD
consult the linked references associated with the item to
determine the conditions under which the item SHOULD NOT or MUST
NOT be used.
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
