ietf-openpgp

Re: Multiple signatures in clearsigned messages (was Re: Cleartext Signatures)

2005-10-12 08:25:07

On Wed, Oct 12, 2005 at 12:07:13AM -0700, "Hal Finney" wrote:

> I am a bit uncomfortable with the notarization signature in general.
> We have it in the draft but have no experience with it in reality,
> which is kind of the opposite of the usual IETF procedure.  I guess it
> was somebody's bright idea that got stuck in, in case people might want
> to use it someday.
>
> The fact that we may have to add further rules clarifying how to use it
> just emphasizes our lack of experience with the construct.  Often with
> these things you don't find the problems until you actually try to use it
> for something and interoperate with others.  Given that notary signatures
> have been in the draft in some form or other for years without seeing
> any use that I know of, should we consider taking them out?

While I hate to say it, given the number of hours that went into it
thus far, I think I agree.  Last call is approaching, and we have no
implementations of it and no experience with it.

This isn't to say that I think we should scrap notary signatures -
just that it might be a good idea to bump them into their own RFC so
as not to delay 2440bis.  I don't believe that implementation and
experience can be achieved in time, and I'd rather see them done right
than done in 2440bis.

David