Lloyd,
On 01/04/2014 12:45 AM, l(_dot_)wood(_at_)surrey(_dot_)ac(_dot_)uk wrote:
"Please include a full explanation of how pervasive monitoring is
mitigated in this protocol. If this protocol is not fully
cryptographically secure to defeat pervasive monitoring, explain why
not."
What are you quoting? That text is *not* part of the
draft, nor do I recall it being sent to the list by
anyone.
Surely inventing quotes is not fair game here?
S.
Yeah, that gives complete design control to the security AD.
Which problem is being addressed, exactly?
Lloyd Wood http://about.me/lloydwood
________________________________________ From: ietf
[ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of Stewart Bryant (stbryant)
[stbryant(_at_)cisco(_dot_)com] Sent: 03 January 2014 20:36 To: Melinda Shore
Cc: ietf(_at_)ietf(_dot_)org Subject: Re: Last Call:
<draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an
Attack) to Best Current Practice
I have been wondering whether a simple update to "A Guide to Writing
A Security Considerations Section" is all that is needed to address
the problem in hand?
Stewart
Sent from my iPad
On 3 Jan 2014, at 19:00, "Melinda Shore"
<melinda(_dot_)shore(_at_)gmail(_dot_)com>
wrote:
On 1/3/14 8:33 AM, Eric Rosen wrote: One has to look at the
likely impact of the draft, not merely at the intentions of the
authors.
I don't know if I'd use "likely" here but I definitely think the
IETF should be somewhat more thoughtful about "possible."
I've been trying to figure out if there's a way forward that
doesn't involve bulldozing the dissenters. Personally, I'd be fine
with publishing it as informational or experimental, or if the
document provided a lot more clarity about the basis for review
(along the lines of 3552).
Melinda