On Sep 24, 2004, at 1:04 PM, Dave Crocker wrote:
"encryption based message contents authentication" seemed pretty clear
to me.
Can you suggest some different text that would work better?
Unfortunately, I think this is akin to MARID's first milestone of
picking an identity... and we all saw how well that went.
I think it should be backed up a notch to the actual functional
description... as in the difference between protection against bounces
vs. protecting the bounce address. And if the charter can't be
wordsmithed enough to state that the working group is attempting to
stop users from seeing forged data or the working group is attempting
to stop mail servers from acting on forged data or whatever, then this
ought to be a decision the working group is forced to make a decision
on with a milestone.
And while we're at it, why not get the DNS RR issue out of the way too?
And get the key management infrastructure issue out of the way? These
issues need to be explicitly agreed upon. Yeah, its painful, but it
stops the endless rehashing that occurred in MARID.
-andy