From: Jeffrey Hutzelman [mailto:jhutz(_at_)cmu(_dot_)edu]
No, we don't. We just need to discourage the practice of
waiting to write such a document until after protocol design
is complete, rather than doing it first.
That depends.
Take the recently renamed WAE. The original idea of this group was to go after
phishing. I work on phishing every day, I think they would do far better and
produce something with much more immediate impact by instead applying their
technology to the problem of Internet pedophiles.
Changing bank authentication infrastructure is hard and the liability issues
are savage.
Bottom up work is what this particular community does best.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf