Whatever happened to the security review: draft-housley-mass-sec-
review ?
Perhaps the charter should have the following text:
The working group will investigate security issues described in draft-
housley-mass-sec-review-00.txt, and solutions to these security
issues such as those defined in draft-otis-mass-reputation-01.txt.
On Jul 21, 2005, at 2:50 PM, wayne wrote:
I think that DKIM, as it stands, *is* viable. As such, the language
in the charter can rule out just about all discussions. I'm concerned
that the language in the charter will be used to start ruling out
anything that the private design committee doesn't like.
I like many things about DKIM. I think it is much improved upon
both DK and IIM. I think the general approach is sound and something
like the current DKIM will be very useful for email authentication.
I think there is rough consensus on this.
Now that you mention it, the word "viable" is open to
interpretation. Therefore, perhaps the scope of the charter is too
narrow at the moment.
Also, the "viable" language seems to preclude seeking other
unencumbered technologies, going against the stated direction of RFC
3979.
However, it appears to me that there are a bunch of areas that DKIM
could use a lot of work on and I like many of the features of
META-signatures that are absent in DKIM. I think DKIM can be improved
as much as the improvement from (DK,IIM) -> DKIM was.
I agree. Looking at what William has done to see if any of those
ideas can be used with DKIM should be in scope, and this should be
explicitly stated.
On Jul 21, 2005, at 4:22 PM, Earl Hood wrote:
I agree with Mr. Hallam-Baker that there is a constituency
I agree as well.
-andy