On 8/26/2011 11:14 PM, ned+ietf@xxxxxxxxxxxxxxxxx wrote:
> +1. If you want signatures, do them properly. Don't pretend a transfer
> protection mechanism covering exactly one hop provides real object security,
> because it doesn't.

I could have sworn that TLS was an e2e mechanism. Maybe you're using the term "hop" in a manner unfamiliar to me?

> And as for the "encrypt so the really secret stuff doesn't stand out" argument,
> that's fine as long as it doesn't cause inconvenience to anyone. That's clearly
> not the case here. And I'm sorry, the "mistakes were made" notion doesn't
> really fly: Certificates aren't a "set it and forget it" thing, so if you
> haven't noted expiration dates on someone's to-do list so they can be updated
> before expiration, you're not doing it right.

Isn't "not doing it right" pretty much the definition of "mistake" (assuming no evil intent)?