I agree with Phillips comments and the FSTC stands ready to help -----Original Message----- From: Hallam-Baker, Phillip [mailto:pbaker@xxxxxxxxxxxx] Sent: Monday, September 10, 2007 9:21 AM To: Eliot Lear; IETF Discussion; ietf-http-auth@xxxxxxxxxxxxxxxxxxxxxxx Subject: RE: [Ietf-http-auth] Re: Next step on web phishingdraft(draft-hartman-webauth-phishing-05.txt) > [mailto:ietf-http-auth-bounces@xxxxxxxxxxxxxxxxx] On Behalf > Of Eliot Lear > Perhaps Sam and Lisa can explain a bit more as to what > process they intend to use. It seems that Alexey is > providing a forum for discussion to improve the document, and > I see nothing wrong with that. I would imagine that both the > IESG and the community will still get their say, so what > precisely is the problem? > > This having been said, it seems to me that in order to > address EKR's (and perhaps others') concerns, the document > will need substantial work. I welcome efforts to improve > that work. Where should that happen? Must Sam do it alone? Its an architecture issue. It is the type of issue that I would like to see the IAB take up in combination with the other principal stakeholders here - the banks, the ISPs. We do have some resources to draw on here, the Anti-Phishing Working Group and FSTC. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf