At 10:04 AM 9/24/2004 -0700, Dave Crocker wrote:
There
is also the question of scope and policy, i.e. how much we take on with
issues such as indicating whether or not an entity signs all messages,
for instance.
That would be outside of the scope of work, per this draft. The draft is for
defining a particular mechanism, not for dealing with the policies of its use
or
for defining mechanisms to communicate that policy.
Perhaps that exclusion should be added to the 'out of scope' section of the
charter?
I'm not sure I would consider this out of scope. We could define a separate
mechanism for handling unsigned mail, but I think a better way to handle this
might be to use whatever key management/authorization mechanism we might decide
on, and "ask it about the null key".
-Jim