I haven't had an answer to my questions from Stephen.
"nonetheless access to that data
should use best practices for security and privacy."
why?
" New services will however generally only be made
available in ways that use security protocols such as
TLS."
again, why?
"Because... SECURITY!" would not be a good answer.
Lloyd Wood
http://about.me/lloydwood
________________________________________
From: ietf [ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of Dick Franks
[rwfranks(_at_)acm(_dot_)org]
Sent: 04 April 2014 21:12
To: Hector Santos
Cc: IETF-Discussion
Subject: Re: Security for various IETF services
On 4 April 2014 20:48, Hector Santos
<hsantos(_at_)isdg(_dot_)net<mailto:hsantos(_at_)isdg(_dot_)net>> wrote:
Everyone else has already touch based with the same issues.
Silence could easily be misconstrued as acceptance.
[snip]
Stephen asked about the last sentence:
New services will however generally only be made
available in ways that use security protocols such as
TLS.
Which to my eye looks like a conclusion; without shred of justification and
before any meaningful discussion has taken place.
26 messages on and the consensus thus far is that an answer to Lloyd Wood's
one-liner is very much required.