Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/2/2014 4:23 AM, Stephen Farrell wrote:
This BCP will not change the potential for any AD to abuse the
IETF. Not a whit. And it really doesn't matter what happened
10 years ago or whenever you care to pick.


Stephen,

I think this assessment is incorrect, based on the earlier history with Security Considerations.

For years, we were faced with a requirement to do these Considerations, but had no guidance about what would satisfy it and what wouldn't. As a consequence, working groups had to play a guessing game -- sometimes for months -- as to what would satisfy the blocking AD.

Of course, that potential is always present, and not just for Security Considerations. But it is exacerbated by a document with formal status that makes broad requirements but affords working groups no guidance about how to satisfy those requirements.

Again, this is why I think your document should be issued with non-normative status.

It's good to have the statements it makes. It's bad to give them normative force until we have experience trying to apply it.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]