Another issue from digging through the document.... This is
prior to trying to trying to post -02, but I don't expect
responses to make it into -02 unless they are very quick, very
clear, and represent a clear consensus.
RFC 3552 contained a fairly extensive analysis of what it
thought the Security Considerations section of RFC 2821 ought to
look like. Some of those changes have already been
incorporated in 2821bis, but a number of the suggestions are
controversial or possibly just plain wrong. An extended
discussion of some of the issues appears in the long-expired
I-D, draft-klensin-rfc2821-security-00.txt, which is now
referenced in the 2821bis-01 text.
I can repost that I-D if needed, but that seems worthwhile only
if we are going to turn every point it raises into an issue and
discuss it. Otherwise, I need to delete the discussion that now
appears at the beginning of the Security Considerations section
and the reference.