Folks,
My impression is that the threat analysis for SSP is far, far more
challenging than for the core DKIM services. At the least, this is because
we understand SSP far less.
This means that having the threat analysis document include the SSP area of
concerns is certain to protract producing the document. Since the threat
analysis document is in the critical path of producing the core document,
that means delays in getting out the base specification of the working group.
Methinks it worth considering de-coupling things at the TA level, not just
the specification level.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org