On Oct 2, 2004, at 4:11 PM, John Levine wrote:
The processes that
work are more like spirals, going between design, implementation, and
evaluation.
Hah! The biggest, most spectacular failure of a software project I
ever witnessed used a spiral-like method. One year and $20 million
later, all we had to show for it was a billing system that didn't do
what the finance people wanted and some hideous code that took 17
classes to pull a sequence number from a database.
I'm sorry, but the meat + grinder + turn crank repeatedly = sausage
method has been known to fail too.
On Oct 2, 2004, at 12:26 PM, ned(_dot_)freed(_at_)mrochek(_dot_)com wrote:
While I think we need something that can be done MUA-to-MUA, it isn't
at all clear to me that this should be our primary focus.
I agree.
On Oct 3, 2004, at 10:35 AM, James M Galvin wrote:
Both S/MIME and PGP are profiled with a preferred key distribution
mechanism, but at one extreme all technologies will work with manually
provided and managed keys. So, we could reasonably substitute any
suitable key distribution system for any of the technologies.
I'm glad somebody said this. I agree.
On Oct 1, 2004, at 3:04 PM, william(at)elan.net wrote:
and (debatably)
doesn't have to survive all of the mangling that might happen to
messages as they pass through mailing lists and the like.
This I STRONGLY SGRONGLY disagree. The system MUST be able to work
within current email infrastructure and not break it. That means
the signature must survive emails and forwarders and all other common
email retransmision systems.
I agree with William here. Building any system that cannot survive
common relaying and forwarding situations is doomed to failure and will
not likely reach mass deployment.
-andy