Re: [openpgp] Proposed WG charter

Den Mon, 1 Jun 2015 13:03:56 -0700
skrev Re: [openpgp] Proposed WG charter:

> On Jun 1, 2015 12:41 PM, "Simon Josefsson" <simon(_at_)josefsson(_dot_)org>
> wrote:
> > > > BTW, why do you and some others use the term MTI?  That term
> > > > seems to mean mandatory-to-implement and comes from Jabber, to
> > > > me this sounds very much like MUST (cf. RFC-2119).
> > > The term MTI (Mandatory to Implement) is used to differentiate it
> > > from MTU (Mandatory to Use).  I.e., an MTI algorithm is one that
> > > you're guaranteed to be ABLE to use, but there is no requirement
> > > that you actually DO use it.
> > I think there is also a possible orthogonal Mandatory to Deploy so
> > you would have:
> >
> > MTI: Code needs to be written
> >
> > MTD: Code that was written need to be enabled in deployment
> >
> > MTU: Code that was written actually need to be used
> >
> > The distinction between the two latter is when a protocol has
> > several MTD algorithms, which is the typical case.
> But I don't want to expose this choice to users, any more then
> signing and encryption ordering. There are real usability and
> deployment issues that need to get solved, that require changes to
> what is going on behind the scenes.
Users aren't involved in the two first parts.  Users are involved in
the MTU step since ultimately they own the authority to chose their
preferred algorithm -- assuming the protocol allows more than one
choice, of course.  How they are involved, i.e., whether
implementations expose the choices or not, is an UX issue.  Certainly
there are challenges there, but I don't see the IETF has a lot to
contribute around UX.

/Simon

pgptgV1hh6z76.pgp
Description: OpenPGP digital signatur

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp