Hi Stephen,
At 12:48 27-11-2013, Stephen Farrell wrote:
Well, only to the same extent that any cycle of threats emerging
and us figuring out mitigations is an ongoing process, so I don't
see this as being different in that respect, after we've taken the
step to recognise that its an attack that we ought try mitigate.
Ok.
Yes. (As stated in the References section.) The idea there is
to start by collating text from the various drafts that people
have already sent to the perpass list. I hope we'll get a draft
of that in the not-too-distant but I'm pretty sure that most
everyone is already familiar with the gist of the problem
here - certainly well enough to express support or not for
this draft when it gets to a last-call. (And personally I'm
hoping that LC on this one will start in the near future.)
Ok.
That term was a bikeshed [2] on the perpass list already (including
a mail from your good self:-)
I did mention that it was a nit. :-)
I figure s/bad actor/actor/ as suggested by PSA was the best
change. (I've a few other minor changes to make as a result
of discussion on that list as well, hope to get -01 out with
those over the weekend.)
I'll defer to the authors as I have already done the nitting/bikesheding. :-)
I'm not sure if you're suggesting some change there but I think the
point you make above is already made in the (very short) draft in
which case repeating it wouldn't be that useful.
The first sentence could say that it is a combined security and privacy threat.
Yeah, I like his draft too. I was quite tempted to AD-sponsor partly
to see how it irritates overly-process-oriented folks :-)
The simplicity is itself a statement (see draft-thomson-perpass-statement-00).
Regards,
-sm