Hiya,
On 15/09/15 20:33, Dave Crocker wrote:
On 9/15/2015 12:26 PM, Stephen Farrell wrote:
Note that I am not addressing what I think is an underlying objection
which I interpret as "this won't work and is hence a bad idea." I do
think folks can validly propose an experiment like this for a feature
(e2e email security) we've never managed to get deployed at scale. (By
"like this" I mean something with lots of associated and non-crazy
concerns.) Were it the case that running this experiment would break
a bunch of things I would feel differently but I don't think that is
the case.
Arguably, a failure of this mechanism could be quite serious.
One can make that argument that seriously bad things could happen,
as one can make many arguments. Making an argument does not in itself
change the probabilities though.
It seems very unlikely to me at least that this experiment would
do significant harm.
If there is information indicating serious breakage is in fact a
non-negligible likelihood that would indeed be interesting.
Cheers,
S.
In fact, it can fail in both directions of damage: It can create a
blocked channel between originator and recipient, and it can create a
false sense of having a protected channel. How are these not
significant breakage?
More generally, the idea that it is acceptable for the IETF to authorize
an experiment for which basic questions of feasibility have been raised
but not meaningfully resolved re-emphasizes the problem with not
specifying what, exactly, is the purpose of the experiment and how
efficacy, or its lack, and success or failure will be assessed.
d/