ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Ietf-http-auth] Re: Next step on web phishing draft (draft-hartman-webauth-phishing-05.txt)

2007-09-10 17:06:13
from [Sam Hartman] [Permanent Link] 
"Chris" == Chris Drake <christopher(_at_)pobox(_dot_)com> writes:


    Chris> Hi Alexey,
    >> And if you would like to suggest a better process for moving
    >> things forward, please share your opinion.

    Chris> Suggest: Properly document comments and reviews somewhere.

    Chris> Question: what's the best way to submit comments and
    Chris> reviews - can we just re-write the entire draft, annotating
    Chris> our changes, and submit that?  

You can.
I'd find it  more useful though if you simply sent in comments  where 
appropriate.
I.E. send a message to this list describing an issue with the draft and  your 
comments on how to solve it.
Specific new text is welcome but not required.

However if you find that annotating the draft is the easiest way for
you to get your point across do that.  A new text version would be far
more useful than an annotated pdf to me.

    Chris> Are professionals and
    Chris> experts even invited/allowed to comment?  

I think most of us consider ourselves computer security or web
professionals.  (I consider myself a computer security person more
than a web person).  we like to think that we have sufficient
background to be qualified to make the statements we're making.  So,
yes, I think many of us consider ourselves experts in fields related
to this work.  I'm not sure anyone today can claim to be an expert in
solving phishing as it's not particularly a solved problem.:-) But
yes, comments from people who have subject matter expertise are
greatly welcome.

    Chris> Is there a formal
    Chris> procedure for dealing with suggestions (eg: attributing,
    Chris> documenting, discussing, leading to an ultimate official
    Chris> public inclusion (or exclusion with reasoning).

I don't know if we'll end up needing that level of formality; I'm
hoping that mailing list discussion will be sufficient, but we can
develop formality if we need it.  If you're new to the IETF you may
want to take a look at http://www.ietf.org/rfc/rfc4677.txt

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  OT: Document file names, Paul Hoffman
Next by Date:  Re: Symptoms vs. Causes (was next step on web phishing draft), Bernard Aboba
Previous by Thread:  Re[2]: [Ietf-http-auth] Re: Next step on web phishing draft (draft-hartman-webauth-phishing-05.txt), Chris Drake
Next by Thread:  New to IETF [Was: Next step on web phishing draft], Willie Gillespie
Indexes:  [Date] [Thread] [Top] [All Lists]