Dave Crocker wrote:
I note in passing that none of this has anything to do with accreditation
system linkage. I support defining a linkage field for this purpose in the
base specifications. The field's syntax should be that of a URL; defining
its use should be out of scope for now.
I don't understand what this would achieve. The syntax is extensible
right now, so why specify something that doesn't have semantics? I
Presumably, a validating agent who is trying to evaluate an incoming message
wants to use assessment services that they trust. That trust cannot be given
from any agent involved in creating or sending the message, since one (or maybe
more) of them is the identity being evaluated.
So, what is the purpose of having the message signer provide a pointer to
assessment information? (For reference, CSV provides this mechanism, too.)
It appears the primary purpose is efficiency. If there are jillions of
assessment services, which one(s) should the validating agent check with?
I don't question either the utility or the efficiency. I only
question why there is any motivation to define an underspecified
tag when the protocol can be extended with or without our blessing.
We can always recharter if we find out that the accreditation space
is easier/more pressing/won't impact the base effort. And I seriously
don't get the impression that the people who are for keeping a crisp
charter are really trying to send this work to Siberia. That's certainly
not my position.
Mike