[rfc-i] References for non-standards

Yaron Sheffer yaronf.ietf at gmail.com
Wed Feb 12 11:24:23 PST 2014


>> And then, what kind of syntax should I use to include one or two such bibtex entries from my draft? Can I do something like:
>>
>> <reference src="http://julian.com/convert2ref/url=..."/>
>
> That would not work with the v2 vocabulary because it requires a <front> element, and <front> requires <title>, one or more <author>s, and a <date>. (See <http://tools.ietf.org/html/draft-reschke-xml2rfc-04#section-2.30> and <http://tools.ietf.org/html/draft-reschke-xml2rfc-04#section-2.19>.)
>
> In the current proposal for the v3 format, that would also not be allowed. We could add that, but I would prefer that we don't, and instead require that a full reference like we have now be included in the RFC.
>
> --Paul Hoffman
>
If we had a generic way to include references from the outside, people 
could use it for different conversions (from bibxml, from DOI, maybe 
from specific services like CiteSeerX). We certainly need something 
better than to include the full <reference> cruft.

To make my point, here are my references from draft-sheffer-tls-bcp. 
IMHO, people should not have to manage such stuff by hand.

<reference anchor="CBC-Attack"><front><title>Lucky Thirteen: Breaking 
the TLS and DTLS Record Protocols</title><author initials="N.J." 
surname="AlFardan" fullname="Nadhem J. AlFardan"/><author initials="K." 
surname="Paterson" fullname="K. Paterson"/><date 
year="2013"/></front><seriesInfo name="IEEE Symposium on Security and 
Privacy" value=""/></reference><reference anchor="BEAST" 
target="http://packetstormsecurity.com/files/105499/Browser-Exploit-Against-SSL-TLS.html"><front><title>Browser 
Exploit Against SSL/TLS</title><author initials="J." surname="Rizzo" 
fullname="Juliano Rizzo"/><author initials="T." surname="Duong" 
fullname="Thai Duong"/><date year="2011"/></front></reference><reference 
anchor="CRIME"><front><title>The CRIME Attack</title><author 
initials="J." surname="Rizzo" fullname="Juliano Rizzo"/><author 
initials="T." surname="Duong" fullname="Thai Duong"/><date 
year="2012"/></front><seriesInfo name="EKOparty Security Conference" 
value="2012"/></reference><reference anchor="BREACH" 
target="http://breachattack.com/"><front><title>The BREACH 
Attack</title><author initials="A." surname="Prado" fullname="Angelo 
Prado"/><author initials="N." surname="Harris" fullname="Neal 
Harris"/><author initials="Y." surname="Gluck" fullname="Yoel 
Gluck"/><date year="2013"/></front></reference><reference anchor="TIME" 
target="https://media.blackhat.com/eu-13/briefings/Beery/bh-eu-13-a-perfect-crime-beery-wp.pdf"><front><title>A 
Perfect CRIME? Only TIME Will Tell</title><author initials="T." 
surname="Be'ery" fullname="Tal Be'ery"/><author initials="A." 
surname="Shulman" fullname="Amichai Shulman"/><date 
year="2013"/></front><seriesInfo name="Black Hat Europe" 
value="2013"/></reference><reference anchor="RC4"><front><title>Applied 
Cryptography: Protocols, Algorithms, and Source Code in C, 2nd 
Ed.</title><author initials="B." surname="Schneier" fullname="Bruce 
Schneier"/><date year="1996"/></front></reference><reference 
anchor="RC4-Attack-FMS"><front><title>Weaknesses in the Key Scheduling 
Algorithm of RC4</title><author initials="S." surname="Fluhrer" 
fullname="Scott Fluhrer"/><author initials="I." surname="Mantin" 
fullname="Itsik Mantin"/><author initials="A." surname="Shamir" 
fullname="Adi Shamir"/><date year="2001"/></front><seriesInfo 
name="Selected Areas in Cryptography" value=""/></reference><reference 
anchor="RC4-Attack"><front><title>Full Plaintext Recovery Attack on 
Broadcast RC4</title><author initials="T." surname="ISOBE" 
fullname="Takanori ISOBE"/><author initials="T." surname="OHIGASHI" 
fullname="Toshihiro OHIGASHI"/><author initials="Y." surname="WATANABE" 
fullname="Yuhei WATANABE"/><author initials="M." surname="MORII" 
fullname="Masakatu MORII"/><date year="2013"/></front><seriesInfo 
name="International Workshop on Fast Software Encryption" 
value=""/></reference><reference anchor="RC4-Attack-AlF" 
target="https://www.usenix.org/conference/usenixsecurity13/security-rc4-tls"><front><title>On 
the Security of RC4 in TLS</title><author initials="N." 
surname="AlFardan" fullname="Nadhem AlFardan"/><author initials="D.J." 
surname="Bernstein" fullname="Daniel J. Bernstein"/><author 
initials="K.G." surname="Paterson" fullname="Kenneth G. 
Paterson"/><author initials="B." surname="Poettering" fullname="Bertram 
Poettering"/><author initials="J.C.N." surname="Schuldt" fullname="Jacob 
C. N. Schuldt"/><date year="2013"/></front><seriesInfo name="Usenix 
Security Symposium" value="2013"/></reference><reference 
anchor="Attacks-iSec" 
target="https://www.isecpartners.com/media/106031/ssl_attacks_survey.pdf"><front><title>Attacks 
on SSL, a comprehensive study of BEAST, CRIME, TIME, BREACH, Lucky13 and 
RC4 biases</title><author initials="P.G." surname="Sarkar" 
fullname="Pratik Guha Sarkar"/><author initials="S." 
surname="Fitzgerald" fullname="Shawn Fitzgerald"/><date month="8" 
year="2013"/></front></reference><reference anchor="Padding-Oracle" 
target="http://www.iacr.org/cryptodb/archive/2002/EUROCRYPT/2850/2850.pdf"><front><title>Security 
Flaws Induced by CBC Padding Applications to SSL, IPSEC, 
WTLS...</title><author initials="S." surname="Vaudenay" fullname="Serge 
Vaudenay"/><date year="2002"/></front><seriesInfo name="EUROCRYPT" 
value="2002"/>


More information about the rfc-interest mailing list