Jeffrey Hutzelman wrote:
--On Tuesday, July 28, 2009 11:05:26 AM +0200 Simon Josefsson <simon@xxxxxxxxxxxxx> wrote:The IANA section says: IANA is requested to prevent future registrations of SASL mechanisms starting with SCRAM- without consulting the SASL mailing list <ietf-sasl@xxxxxxx> first. I'm not sure how the IANA would parse this request. Who on this list has authority to say yes or no to IANA? For clarity, I think we should use one of the terms defined by RFC 2434. Is this IETF Consensus? Or Expert Review? Or Standards Action?I'm pretty sure it's Expert Review with a mailing list as the expert. But given the agreement we seemed to have during yesterday's meeting that this family should have slow growth accommodating only successor hashes, I think Standards Action would be more appropriate.
I think IESG would prefer a bit of flexibility. What would happen if we want to register a SCRAM mechanism for historic reasons (marked as "obsolete") in an Informational RFC? So I would rather specify IETF Consensus here + provide some guidance on when mechanism should be registered.