Before we get into the wording of the latest ssp-reqs, can we try
to figure out whether this is really different from the set of
similar *closed* issues on base?
I am not at all clear why such flags are useful in SSP, given that
we have rough consensus that they are not needed for base.
As I see it:
1. The current WG consensus for base is that its up to each recipient
to decide for itself which algorithms it considers acceptable.
2. The current WG consensus (I think) is that SSP need not be used
when a signature that the recipient considers "good" is present. (I.e.
I see no consensus for a position that SSP MUST be used even if
what the verifier thinks is a good signature is present.)
Given 1 & 2 above, I just don't see the point of algorithm
transition information in SSP since no-one will read it who
might act on it.
Please also expliticly explain why this is not simply revisiting
some *closed* issues on base.
NOTE WELL: This list operates according to