Re: publickey subsystem (was: Secure Shell WG: what's left?)

To: Jon Bright <jon%siliconcircus.com@localhost>, Sara Golemon <ietf-secsh%libssh2.org@localhost>
Subject: Re: publickey subsystem (was: Secure Shell WG: what's left?)
From: Jeffrey Hutzelman <jhutz%cmu.edu@localhost>
Date: Wed, 10 Aug 2005 12:35:49 +0200

On Wednesday, August 10, 2005 08:14:06 +0200 Jon Bright<jon%siliconcircus.com@localhost> wrote:

Sara Golemon wrote:

If I had a complaint about this draft it'd be the lack of a changelog
describing the differences from version 1.  I had to use the openssh
patch provided by vandyke as a reference to learn that version 1
doesn't use generic attributes in "add" and "publickey" packets, but
does use an explicit comment field.


I'm not sure if such a changelog would be accepted - as I understand it,
the drafts are supposed to document how things are, as opposed to how
they were.  I may be wrong in this.




Every internet draft contains the following notices:


  Internet-Drafts are working documents of the Internet Engineering
  Task Force (IETF), its areas, and its working groups.  Note that
  other groups may also distribute working documents as
  Internet-Drafts.

  Internet-Drafts are draft documents valid for a maximum of six months
  and may be updated, replaced, or obsoleted by other documents at any
  time.  It is inappropriate to use Internet-Drafts as reference
  material or to cite them other than as "work in progress."

The general IETF philosophy is that while running code is nice, using aninternet-draft as the basis for implementation is often inappropriate.While we've done so in several cases in this WG, the IETF usually does notdo things like rev protocol versions with each version of an I-D, or takeother measures to make sure implementations built against old I-D's willinteroperate with the final standard.

In other words, looking at old I-D versions is useful for historicalperspective, but in most cases no one expects implementations to supportanything but the final protocol. If there is a large installed base ofimplementations based on an old draft that you care about interoperatingwith, then by all means implement that draft. But that old draft does nothave any particular standing.

I don't know if there is a large deployed base of publickey-subsystem-01.As an operator and end-user, I don't think it would bother me even a littleif implementations of this protocol did not support older drafts.


-- Jeff

References:
- Re: publickey subsystem (was: Secure Shell WG: what's left?)
  - From: Sara Golemon
- Re: publickey subsystem (was: Secure Shell WG: what's left?)
  - From: Jon Bright

Prev by Date: Re: Secure Shell WG: what's left?
Next by Date: Re: x509-02 (was Secure Shell WG: what's left?)
Previous by Thread: Re: publickey subsystem (was: Secure Shell WG: what's left?)
Next by Thread: RE: publickey subsystem
Indexes:

Home | Main Index | Thread Index | Old Index