IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Other comments on draft-ietf-secsh-publickey-subsystem





On Tuesday, August 29, 2006 11:44:53 AM -0400 Sam Hartman <hartmans-ietf%mit.edu@localhost> wrote:

"Jon" == Jon Bright <jon%siliconcircus.com@localhost> writes:
    >> - I'd rather the "mandatory" attribute of attributes be named
    >> "critical"...

    Jon> This would change a sentence like "If the server does not
    Jon> implement a mandatory attribute, it MUST fail the add.." to
    Jon> "If the server does not implement a critical attribute, it
    Jon> MUST fail the add..".  The first seems preferable to me.

My personal opinion is that critical is far preferable to mandatory in
a security protocol.  The usage you seem to be objecting to is quite
common in PKIX documents and is becoming more common in Kerberos
documents and other things throughout the security area.

I agree.



Home | Main Index | Thread Index | Old Index