I haven't had an answer to my questions from Stephen. "nonetheless access to that data should use best practices for security and privacy." why? " New services will however generally only be made available in ways that use security protocols such as TLS." again, why? "Because... SECURITY!" would not be a good answer. Lloyd Wood http://about.me/lloydwood ________________________________________ From: ietf [ietf-bounces@xxxxxxxx] On Behalf Of Dick Franks [rwfranks@xxxxxxx] Sent: 04 April 2014 21:12 To: Hector Santos Cc: IETF-Discussion Subject: Re: Security for various IETF services On 4 April 2014 20:48, Hector Santos <hsantos@xxxxxxxx<mailto:hsantos@xxxxxxxx>> wrote: Everyone else has already touch based with the same issues. Silence could easily be misconstrued as acceptance. [snip] Stephen asked about the last sentence: New services will however generally only be made available in ways that use security protocols such as TLS. Which to my eye looks like a conclusion; without shred of justification and before any meaningful discussion has taken place. 26 messages on and the consensus thus far is that an answer to Lloyd Wood's one-liner is very much required.