--On Tuesday, October 13, 2009 12:57 -0700 The IESG
<iesg-secretary(_at_)ietf(_dot_)org> wrote:
The IESG has received a request from an individual submitter
to consider the following document:
- 'Certified Electronic Mail '
<draft-gennai-smime-cnipa-pec-05.txt> as a Proposed Standard
The IESG plans to make a decision in the next few weeks, and
solicits final comments on this action. Please send
substantive comments to the ietf(_at_)ietf(_dot_)org mailing lists by
2009-11-10.
Before trying to embark on an in-depth review of this long and
complex document, could the IESG explain to the community why it
is being processed as a Proposed Standard? After reading
quickly through its first few pages, and despite containing a
standard IPR clause rather than a "no derivative rights other
than to publish" one, it appears to be a translation and
adaptation of an existing national standard and set of
regulations, with no provisions for transferring change control
to the IETF, etc.
I also note that it refers to a MUST requirement for "licensed
providers" (in Section 5.6) which is usually the type of
provision we try very hard to provide in anything
Standards-track. The licensing mechanism and authority is not
described although it is possible to deduce it from context.
That is also a Security Considerations issue, since the next
clause, "this access modality guarantees authenticity, integrity
and confidentiality of data" seems to amount to "we are from the
[Italian] government, therefore we are trustworthy and can
guarantee trust". So, from my point of view, if this is going
to be processed on Standards Track, it may need work... and
that, in turn, implies that we need change control.
If, in fact, this is actually a republication of standards
material, why process this on Standards Track rather than as an
Informational republication of an existing standard from another
SDO?
thanks,
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf