On 1/15/14 5:40 PM, Sam Hartman wrote:
"Eliot" == Eliot Lear <lear(_at_)cisco(_dot_)com> writes:
I absolutely agree that general guidance of this form would be valuable
either in some general security BCP that the other security BCPs
reference or restated in the security BCPs.
It is a basic precept of engineering that the earlier you spot a design
flaw, the less costly it is to address. We needn't teach such basic
precepts in our series.
we're not working on such a BCP now, so I'm trying to add the advice I
need to this BCP in order for it to work for me as a WG chair and
document author.
And as a working group chair you must balance ALL considerations and not
just this one.
It's not so much a truism that we all agree to it. I've definitely
worked with WGs that didn't want to consider these sorts of issues when
choosing technology and didn't seem to agree that they had to.
And I've seen participants all but derail working groups by solely
focusing on one design consideration.
Eliot