Re: Other comments on draft-ietf-secsh-publickey-subsystem

To: Jon Bright <jon%siliconcircus.com@localhost>
Subject: Re: Other comments on draft-ietf-secsh-publickey-subsystem
From: Sam Hartman <hartmans-ietf%mit.edu@localhost>
Date: Tue, 29 Aug 2006 11:44:53 -0400

>>>>> "Jon" == Jon Bright <jon%siliconcircus.com@localhost> writes:
    >> - I'd rather the "mandatory" attribute of attributes be named
    >> "critical"...

    Jon> This would change a sentence like "If the server does not
    Jon> implement a mandatory attribute, it MUST fail the add.." to
    Jon> "If the server does not implement a critical attribute, it
    Jon> MUST fail the add..".  The first seems preferable to me.

My personal opinion is that critical is far preferable to mandatory in
a security protocol.  The usage you seem to be objecting to is quite
common in PKIX documents and is becoming more common in Kerberos
documents and other things throughout the security area.

I didn't make the common as an AD because I thought it a bit late, but
I support this change as an individual.

Follow-Ups:
- Re: Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Jon Bright
- Re: Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Jeffrey Hutzelman
- Re: Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Joseph Galbraith

References:
- AD Review for draft-ietf-secsh-publickey-subsystem
  - From: Sam Hartman
- Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Nicolas Williams
- Re: Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Jon Bright

Prev by Date: Re: AD Review for draft-ietf-secsh-publickey-subsystem
Next by Date: Re: Other comments on draft-ietf-secsh-publickey-subsystem
Previous by Thread: Re: Other comments on draft-ietf-secsh-publickey-subsystem
Next by Thread: Re: Other comments on draft-ietf-secsh-publickey-subsystem
Indexes:

Home | Main Index | Thread Index | Old Index