Folks,
A question has been raised about the very brief Security Considerations section
in the email-arch draft. I've modified the section slight, for the next draft,
but the section still defers meaningful discussion to existing specifications.
This is the latest version:
<section title="Security Considerations">
<t>This document does not specify any new Internet Mail
functionality. Consequently it is not intended to introduce any
security considerations, beyond those already established for
Internet Mail. </t>
<t>However its discussion of the roles and responsibilities for
different mail service modules, and the information they create,
highlights the considerable degree to which security issues are
present when implementing any component of the Internet Mail
service. In addition, email transfer protocols can operate over
authenticated and/or encrypted links, and message content or
authorship can be authenticated and/or encrypted. </t>
<t>The core of the Internet Mail architecture does not impose any
security requirements or functions on the end-to-end or
hop-by-hop components. Details of security considerations for
particular Internet Mail mechanisms are provided in the detailed
specifications for those mechanisms.</t>
</section>
As for I8N, I believe that doing more in the document requires some rather
compelling consensus among the community -- ie, you folk.
To the extent that anyone insists the document say more than the above, please
consider that requirement to generate candidate text as resting on your own
shoulders...
Again, it's not that my own view is unfriendly to having the document say more,
its that I am very concerned about derailing the document with an effort that is
clearly difficult to do thoroughly and well, and get agreement from the community.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net