Open ioggstream opened 2 years ago
netfl0
commented
2 years ago This is a good find. We should indicate this in some way. Our intent was to reference older content for educational purposes.
Perhaps a new type of reference which would indicate "best practice" or something of that nature.
ioggstream
commented
2 years ago @netfl0 for RFC I suggest to add actionable articles/kb, especially in the security field. Referencing old specs risks to spread legacy information. Consider that people interested in older RFC content can use new one to identify all relevant information e.g. newer RFCs might consolidate different docs in a single one, this means that referencing one new RFC you provide info to all the original documents. The converse is not true. My2¢, R.
netfl0
commented
6 months ago After some more thought, we ought to just add references. However, keeping track of all the "latest and greatest" guidance is a lot of overhead we can't support at the moment.
ioggstream
commented
6 months ago keeping track of all the "latest and greatest" guidance is a lot of overhead we can't support at the moment
while we might "script it" (e.g., for RFC), it is ok to update references whenever the new ones are key in supporting infrastructure security (e.g., FIPS references).
I expect
EncryptedTunnel to reference https://datatracker.ietf.org/doc/html/rfc4301
instead
references https://datatracker.ietf.org/doc/html/rfc1825