* Stephen Farrell wrote:
On 01/04/2014 01:10 AM, Bjoern Hoehrmann wrote:
* Stephen Farrell wrote:
On 01/04/2014 12:45 AM, l(_dot_)wood(_at_)surrey(_dot_)ac(_dot_)uk wrote:
"Please include a full explanation of how pervasive monitoring is
mitigated in this protocol. If this protocol is not fully
cryptographically secure to defeat pervasive monitoring, explain why
not."
The text (I hate to bring it up, seems almost unfashionable;-),
says:
Those developing IETF specifications need to be able to describe how
they have considered pervasive monitoring, and, if the attack is
relevant to the work to be published, be able to justify related
design decisions. This does not mean a new "pervasive monitoring
considerations" section is needed in IETF documentation. It means
that, if asked, there needs to be a good answer to the question "is
pervasive monitoring relevant to this work and if so how has it been
addressed?"
Lloyd's "paraphrase" is entirely unlike the actual text. His
quote marks, are, like his argument, entirely bogus. (And not
even funny, which is often a redeeming quality of Lloyd's
posts:-) Given that there seems to be a trend to ignore the
actual text, and that that I've already commented on that, I
think yes, his supposed quote is out of order. Perhaps you
don't, and that's fine, but I do.
If you think it would be a serious problem if the text is interpreted as
in the paraphrase above, then I think revisions to the actual text are
in order, because if there is any difference between the actual text and
the paraphrase, I find it hard to impossible to make out. It is not fine
to keep the text as-is if it is easy to misinterpret.
--
Björn Höhrmann · mailto:bjoern(_at_)hoehrmann(_dot_)de ·
http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/