On Wed, 29 Sep 2004, Dave Crocker wrote:
So the idea is to pursue these two envelope-related proposals in
CLEAR and leave MASS to pursue authentication of the message
header and contents.
So if you no longer want to include BATV as pasrt of MASS work, would
you object changing your proposed charter text to:
"The MASS working group will produce specifications that support
transfer-related encryption-based authentication of an email message
contents."
I don't think we're anywhere close to being ready to pick any
one proposal.
Once again: We can pursue things as if we were starting from
scratch, developing requirements, agreeing on components of the
solution and then, one day, possibly assembling things into a
complete specification. We would be doing well to complete this
within 2 years. Four is more likely and six is not all that
uncommon.
I don't think we would be pursuing things from scratch, so I'd expect
we can finish in 9-18 months and I think this is good timeframe for such
work that allows for more carefull consideration of what needs to be done
and how to do so it does not harm existing email infrastructure and at the
same time offers maximum benefits to early adaptors.
I realize many feel the need is very very urgent and we can do with
half-baked solution, but I do not agree. Besides that we have just
seen a very bad example of what happens when we start with existing
work that some feel is ready and try to rush it through IETF process.
P.S. If you know Russian there is good saying "Pospeshish, lyudey nasmeshish"
Wikipedia (http://en.wikiquote.org/wiki/Russian_proverbs) provided the
following equivalents for it:
"Hasty climbers have sudden falls"
"The more haste, the less speed"
---
William Leibzon, Elan Networks:
mailto: william(_at_)elan(_dot_)net
Anti-Spam and Email Security Research Worksite:
http://www.elan.net/~william/emailsecurity/