idnits 2.17.1 

draft-hoffman-additional-key-words-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 15.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 160.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 171.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 178.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 184.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  -- The draft header indicates that this document updates RFC2119, but the
     abstract doesn't seem to directly say this.  It does mention RFC2119
     though, so this could be OK.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords. 

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).
     (Using the creation date from RFC2119, updated by this document, for
     RFC5378 checks: 1997-03-01)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (January 15, 2008) is 5945 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 4307
     (Obsoleted by RFC 8247)


     Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 9 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                         P. Hoffman
3	Internet-Draft                                            VPN Consortium
4	Updates: 2119 (if approved)                             January 15, 2008
5	Expires: July 18, 2008

7	          Additional Key words to Indicate Requirement Levels
8	               draft-hoffman-additional-key-words-00.txt

10	Status of this Memo

12	   By submitting this Internet-Draft, each author represents that any
13	   applicable patent or other IPR claims of which he or she is aware
14	   have been or will be disclosed, and any of which he or she becomes
15	   aware will be disclosed, in accordance with Section 6 of BCP 79.

17	   Internet-Drafts are working documents of the Internet Engineering
18	   Task Force (IETF), its areas, and its working groups.  Note that
19	   other groups may also distribute working documents as Internet-
20	   Drafts.

22	   Internet-Drafts are draft documents valid for a maximum of six months
23	   and may be updated, replaced, or obsoleted by other documents at any
24	   time.  It is inappropriate to use Internet-Drafts as reference
25	   material or to cite them other than as "work in progress."

27	   The list of current Internet-Drafts can be accessed at
28	   http://www.ietf.org/ietf/1id-abstracts.txt.

30	   The list of Internet-Draft Shadow Directories can be accessed at
31	   http://www.ietf.org/shadow.html.

33	   This Internet-Draft will expire on July 18, 2008.

35	Copyright Notice

37	   Copyright (C) The IETF Trust (2008).

39	Abstract

41	   Some document authors want to express requirement levels using the
42	   traditional definitions of "MUST" and "SHOULD" from RFC 2119, but
43	   also want to express that there is an expectation that later versions
44	   of the document may change those requirements.  For example, they may
45	   want to express "this SHOULD be implemented now, but we expect that
46	   this will become a MUST requirement in a future update to this
47	   standard".

49	   This document defines three new keywords, "MUST-", "SHOULD+", and
50	   "SHOULD-" to facilitate such definitions.

52	1.  Introduction

54	   RFC 2119 [RFC2119] defines keywords that are used in the RFC series.
55	   Using those definitions allows a document writer to specify the
56	   requirements level in a generally-understood manner.  However, in
57	   some protocols, the authors want to convey that the requirements
58	   levels are expected to change in the future.

60	   There are three requirements level changes that can be easily
61	   envisioned:

63	   o  A MUST requirement that is expected to be demoted to SHOULD in the
64	      future.

66	   o  A SHOULD requirement that is expected to be elevated to MUST in
67	      the future.

69	   o  A SHOULD requirement that is expected to be demoted to MAY in the
70	      future.

72	   RFC 4307 [RFC4307] defined new terms for these three states.  The
73	   purpose of defining new terms in RFC 4307 was to alert implementers
74	   that there was a widespread expectation that some of the
75	   cryptographic algorithms that were listed as SHOULD-level in the
76	   document were expected to become MUST-level in a few years;
77	   similarly, there was a widespread expectation that some of the MUST-
78	   level algorithms would be demoted to SHOULD-level in a few years.

80	   Since then, other RFCs and Internet Drafts have re-used those
81	   definitions.  This document provides stand-alone definitions based on
82	   RFC 4307, and explicitly updates RFC 2119.  It is important to note
83	   that this document does not change any of the definitions in RFC
84	   2119; it only adds new ones.

86	2.  Definitions of MUST-, SHOULD+, and SHOULD-

88	   Three new terms are defined:

90	   MUST-      This term means the same as MUST.  However, the authors
91	              expect that this requirement will no longer be a MUST in
92	              a future revision of this document.  Although its status
93	              will be determined at a later time, it is reasonable to
94	              expect that if a future update this document alters the
95	              status of a MUST- requirement, it will remain at least a
96	              SHOULD or a SHOULD-.

98	   SHOULD+    This term means the same as SHOULD.  However, the authors
99	              expect that a requirement marked as SHOULD+ will be
100	              promoted at some future time to be a MUST.

102	   SHOULD-    This term means the same as SHOULD.  However, the authors
103	              expect a requirement marked as SHOULD- will be demoted to
104	              a MAY in a future version of this document.

106	3.  Acknowledgements

108	   The definitions here are based on those in RFC 4107, which was
109	   authored by Jeff Schiller.  The genesis for the idea of requirements
110	   language that includes foreshadowing of changes came from Russ
111	   Housley during the discussion of RFC 4107.

113	4.  Security Considerations

115	   There are no security considerations specific to the new definitions.

117	5.  References

119	5.1.  Normative References

121	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
122	              Requirement Levels", BCP 14, RFC 2119, March 1997.

124	5.2.  Informative References

126	   [RFC4307]  Schiller, J., "Cryptographic Algorithms for Use in the
127	              Internet Key Exchange Version 2 (IKEv2)", RFC 4307,
128	              December 2005.

130	Appendix A.  Change History

132	   [[ This entire section is to be removed upon publication. ]]
133	   This is the first version of the document.

135	Author's Address

137	   Paul Hoffman
138	   VPN Consortium
139	   127 Segre Place
140	   Santa Cruz, CA  95060
141	   US

143	   Phone: 1-831-426-9827
144	   Email: paul.hoffman@vpnc.org

146	Full Copyright Statement

148	   Copyright (C) The IETF Trust (2008).

150	   This document is subject to the rights, licenses and restrictions
151	   contained in BCP 78, and except as set forth therein, the authors
152	   retain all their rights.

154	   This document and the information contained herein are provided on an
155	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
156	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
157	   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
158	   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
159	   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
160	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

162	Intellectual Property

164	   The IETF takes no position regarding the validity or scope of any
165	   Intellectual Property Rights or other rights that might be claimed to
166	   pertain to the implementation or use of the technology described in
167	   this document or the extent to which any license under such rights
168	   might or might not be available; nor does it represent that it has
169	   made any independent effort to identify any such rights.  Information
170	   on the procedures with respect to rights in RFC documents can be
171	   found in BCP 78 and BCP 79.

173	   Copies of IPR disclosures made to the IETF Secretariat and any
174	   assurances of licenses to be made available, or the result of an
175	   attempt made to obtain a general license or permission for the use of
176	   such proprietary rights by implementers or users of this
177	   specification can be obtained from the IETF on-line IPR repository at
178	   http://www.ietf.org/ipr.

180	   The IETF invites any interested party to bring to its attention any
181	   copyrights, patents or patent applications, or other proprietary
182	   rights that may cover technology that may be required to implement
183	   this standard.  Please address the information to the IETF at
184	   ietf-ipr@ietf.org.

186	Acknowledgment

188	   Funding for the RFC Editor function is provided by the IETF
189	   Administrative Support Activity (IASA).