On Wed, Aug 18, 2004 at 11:32:14AM +0100, Chris Haynes wrote:
Is it in order for the WG to proceed to last call with a solution which:
- addresses only half the problem space and
- increases the number of unauthorized, frequently virus-carrying, messages
on the Internet?
Yes, this is in order for that WG, while I absolutely share your
concerns (and therefore had designed RMX to deal with the bounce
message problem, so there was a solution to that problem, but that
WG does not want this problem to be solved).
Security protocol design requires to define a problem space, to create
a solution, and then to show that the solution actually solves the
problems of the problem space. That's not the way this WG works.
The space this WG is working on, is the commercial interestes
space. And that's what's going to be fulfilled. Interestingly, this
space is not well-defined. As soon as you mention or question it,
you'll get kicked out from the mailing list.
So don't expect the output of the WG to be a good solution to a
technical security problem, because that's not what it has been
engineered to be. If it had been, you would have found a precise
definition of the 'problem space', what the protocol is aimed to
solve.
Have a look at the 'Goales and Milestones' section of the group
charter. Do you find any precise description or definition of the kind
of attack this WG is working on? No. That's not the way it works.
regards
Hadmut