[rfc-i] RFC2119 requirements language in security considerations?
Jeff.Hodges at KingsMountain.com
Tue Mar 29 14:16:50 PDT 2016
AFAICT, there is no "offical" admonition against one using RFC2119
requirements language in security/privacy considerations sections, e.g...
6. Security Considerations
6.1. Downgrade Attacks
..blah..blah.. The signature algorithm and key length
used in the foobar of type "bazfratz" MUST match the parameters
negotiated via [foo] extension.
..however, it's been expressed in various places on-lists and verbally that
some reviewers will object to it, and I was just wondering whether there's
someplace this guidance and rationale is written down where one can point
others at it.
More information about the rfc-interest