> [mailto:ietf-http-auth-bounces@xxxxxxxxxxxxxxxxx] On Behalf > Of Eliot Lear > Perhaps Sam and Lisa can explain a bit more as to what > process they intend to use. It seems that Alexey is > providing a forum for discussion to improve the document, and > I see nothing wrong with that. I would imagine that both the > IESG and the community will still get their say, so what > precisely is the problem? > > This having been said, it seems to me that in order to > address EKR's (and perhaps others') concerns, the document > will need substantial work. I welcome efforts to improve > that work. Where should that happen? Must Sam do it alone? Its an architecture issue. It is the type of issue that I would like to see the IAB take up in combination with the other principal stakeholders here - the banks, the ISPs. We do have some resources to draw on here, the Anti-Phishing Working Group and FSTC. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf