On 1/15/14 5:40 PM, Sam Hartman wrote: >>>>>> "Eliot" == Eliot Lear <lear@xxxxxxxxx> writes: > > I absolutely agree that general guidance of this form would be valuable > either in some general security BCP that the other security BCPs > reference or restated in the security BCPs. It is a basic precept of engineering that the earlier you spot a design flaw, the less costly it is to address. We needn't teach such basic precepts in our series. > > we're not working on such a BCP now, so I'm trying to add the advice I > need to this BCP in order for it to work for me as a WG chair and > document author. And as a working group chair you must balance ALL considerations and not just this one. > It's not so much a truism that we all agree to it. I've definitely > worked with WGs that didn't want to consider these sorts of issues when > choosing technology and didn't seem to agree that they had to. And I've seen participants all but derail working groups by solely focusing on one design consideration. Eliot