----- Original Message -----
From: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
To: "Harald Alvestrand" <harald(_at_)alvestrand(_dot_)no>;
<ietf(_at_)ietf(_dot_)org>
Sent: Monday, December 07, 2015 11:30 AM
Hiya,
On 07/12/15 11:23, Harald Alvestrand wrote:
I think there's a piece of backstory here I'm not getting....
Den 04. des. 2015 18:05, skrev The IESG:
The protocols in scope are Secure Shell (SSH), DNSSEC, PKIX, CMS,
XML
Digital Signatures and potentially Kerberos and JSON.
Why is TLS not included?
It seems likely that the answer is one of:
1) TLS is already up-to-date in the space this group is limited to
2) TLS work is being done in the TLS working group
The latter, and a bit of the former:-)
There is also an active SSH list (albeit only about 5 message p.d.
lately which would barely be noticed on the TLS list:-( and Simon has
posted a message to the curdle list identifying some of that work; and
you yourself have posted to it so you know about it!
Conversely, I do not see most of those active on the SSH yet taking part
in curdle (nor do I see any mention of curdle on the SSH list).
Setting up this WG to look at SSH would seem divisive and unlikely to
gain any meaningful momentum.
I do think that the Security Area should be reaching out far more to
other areas to pro-actively provide guidance but do not think that this
proposal has got it quite right.
Tom Petch
In both cases, it would be nice to say so in the charter.
The charter text tries to do that generically but does mention
TLS specifically in this bit:
"Where there is an IETF working group or area group with expertise
in
a relevant topic the CURDLE working group will defer to the
consensus of the more specific working group as to where work will
be done. For example, the TLS, OpenPGP and IPSECME WGs are actively
considering some of these topics. "
Cheers,
S.