Hi, > There are two fundamental reasons. One is that we didn't recognize the > issues at the time. The other, in the words of an RFC author who looked > me (as IETF Chair) in the eye while I was demanding a reasonable > security considerations discussion in his draft, is "my customers will > not pay for the extra enhancements and effort that go into a secure > solution." And the reply was, of course, that he was forced to do it anyway before publication could happen, because the IETF cares about the standards, and not hypothesized customer complaints made up by an individual participant. Right? Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Attachment:
0x8A39DC66.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature