On Fri, 19 Feb 2016, John C Klensin wrote:
Stephen,
I think such a paragraph would be a significant step forward. I
don't think it is a substitute for any of the drafts being clear
about known issues and security risks, including warnings (aka
"considerations") about the difference between obtaining a key
and authentication of the key vis-a-vis the supposed key owner.
I don't know whether you consider that separate from "...other
points made about this draft." or not.
I would feel it to be very constructive if we could focus on specific
text. We already merged in a bunch of text on request from the
openpgpkey-usage document to satisy the earlier requests for security
considerations.
Paul