On 01/02/2014 01:26 PM, Scott Brim wrote:
On Jan 2, 2014 8:18 AM, "Stephen Farrell"
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:
And so with this one - stating only the high level requirement
is the right thing to do for now
Would it be better to leave this one informational and not make it a BCP?
There's extremely little in it that is Practice. The next level down is
where we would add more specific guidelines and BCPs.
See the quote from 2026 in my response to Dave - what is wrong
with following that and making a statement of principle as a
BCP?
There should be no need for all BCPs to have lots and lots of
detail surely.
And FWIW, I do think it'll be easier to get WGs to properly
consider the attack/threats if this is a BCP.
I also think it'll be cleaner to update as a BCP, if and
when we wanted to add more detail, but that's a minor detail.
S.