[Top] [All Lists]

Re: More on KEKIdentifiers, and a suggested addition to CMS

1999-03-16 13:12:40

I have a question about this.  Are you producing a document with a known
deficiency that you intend to correct later in the standards process?

There is a difference between a deficiency and a security flaw. The desire for passwords was brought up very late in the process, an indication that there are not pressing market needs for it. It would be nice to have, but there are significant technical issues, and thus Peter is proposing an extension to CMS.

appears to me that making the change that has been suggested using the
extension mechanism after it has been released as PS would likely cause CMS
to move backwards in the standards process, and not forwards.

I don't understand why. The separate proposal does not have to be bound to CMS. If we want to later bind it to CMS, we can postpone going from Proposed Standard to Draft Standard by enough months to let the extension catch up. Otherwise, they can independently move to Draft Standard. Both are quite common in the IETF.

 Thus, the
whole process would be substantially delayed.

Just the opposite: there is no delay at all.

 You're better off correcting
the problem now with the "..." or extension mechanism or whatever as part
of WG last call, and moving on rather than attempting to correct it later,
and then being shifted back in the standardization process...

I respectfully disagree.

--Paul Hoffman, Director
--Internet Mail Consortium

<Prev in Thread] Current Thread [Next in Thread>