IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)



denis bider <ietf-ssh3%denisbider.com@localhost> writes:

>With regard to NOT RECOMMENDED, that sounds to me equally as heavy as SHOULD
>NOT. I can't fathom that people would read "NOT RECOMMENDED", and interpret
>as if it said "sure, what the heck". It seems to me a stern disrecommendation.

These are people looking for any reason they can to not do anything (they're
still AFAIK using MD5 and DES in places because the spec doesn't say you
can't).  The stronger the wording, the easier it will be to persuade them that
they need to do something.

>That being said, SHOULD NOT is also in RFC 2119, and is a synonym. If you
>think "SHOULD NOT be used" would work better, I'm not opposed.

I think it would help.

Peter.


Home | Main Index | Thread Index | Old Index