Folks,
Jim has put in quite a bit of effort on the Threat Analysis document. Multiple
iterations of a document, with revisions that are highly responsive to community
feedback, usually makes for a document that is finished.
In the current case, I find myself entirely unclear how we will know when it is
*really* finished. Clearly it is not enough to simply run out of comments and
suggestions from participants. The current mailing list discussion and
issue-list management will satisfy the needs of the mailing list participants.
However the document must satisfy the requirements of Security Area experts.
How will we know when we have accomplished that? I am not aware of an explicit,
stable reference against which we can target this document.
With luck, my confusion is merely due to my having missed important management
and documentation actions. I sure hope so.
However the charter requires completing the threats document within about 30
days and I see no way to claim that we are likely to meet that milestone.
d/
ps. Please note that I am sending this to the WG, rather than -- for example --
our Area Director. At the moment, my concern is what WE know to be our task,
rather than what he or his IESG colleagues might describe it to be.
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org