I've just now subscribed here because Derek sent a pointer
to the recent discussion about chartering a new WG.
FWIW, as one of the security area directors who might be
involved in the chartering stuff, I'm happy to help out as
I can, and I'm sure the same goes for Kathleen. But you seem
to be doing all the right things already (discuss charter,
focus on changes people would likely implement/deploy,
meet in bar:-), which is great.
A couple of other things to do might be to send a pointer
to the general security area list (saag(_at_)ietf(_dot_)org) asking
interested folks to subscribe here, (e.g. I think I used be
subscribed to the imc hosted list way back but I wasn't on
this one) and if the bar-BoF goes ahead, it'd be good for
one of you to grab the mic at the saag session in Dallas
and report back on that.
Please also note that there's no absolute need to have a
BoF session (e.g. in Prague in July) before a WG is formed.
If a whole bunch of people know that they all want to do a
well-scoped useful thing then we may not need one. (The
just-formed tokbind WG didn't have a BoF for example.) If
OTOH, there's a need for face-to-face discussion about
tricky scoping issues or about whether some work should be
done at all then a BoF can be a fine thing. In this case,
I'd not be surprised if no BoF were needed, in which case
we could possibly form a WG before July and get going that
much sooner. That said, please keep your focus on the
getting the right proposed charter text and don't
over-prioritise speed. (Since a lot of people still
assume a BoF session and the associated delay are mandatory,
I figured it worth pointing out that's not always the
openpgp mailing list