I am OK for alst call with the whole document except one security
related point.
section 4.
I think that MUSTs should be replaced by SHOULDs.
section 5.
We should mention that there is a security problem of these SHOULDs
are not enforced.
The reason why is to permit OPES applications where there is no trace
on mails. In particular for reverse security reasons (I do not want
to disclose my protection strategy to protect it).
jfc
At 14:53 12/08/2006, Markus Hofmann wrote:
We are starting WG last call on the "Integrity, privacy and security
in OPES for SMTP" draft (see
http://ietf.org/internet-drafts/draft-ietf-opes-smtp-security-00.txt).
Please post comments, etc. to the mailing list, and
please point out whether you feel your comment is editorial or a
show-stopper.
Per previous email, the document will be forwarded to IESG only if
we receive at least THREE positive reviews, along the lines of "I
have read it and think it is ready for last call".
If we don't get at least three positive reviews, we'll consider
sending out the document as Informal or Experimental with a proposed
note stating "Published as a record of the work", which highlights
that the work did not fully complete.
The last call period closes on Monday, August 28 at 5pm EDT.
Thanks,
Markus