I love how folks who it seems would rather we do nothing are asking for more security process in this case. IMO, the tools folks haven't gone terribly wrong on this in the past and are not likely to do so in future. We are also not developing new protocols for broad Internet use here but rather talking about an IESG statement that those who develop tooling and who deploy services should find useful when considering new IETF services such as some new web tool or remote participation tool. The statement also reminds them to not go OTT and break stuff just in order to improve security. So no, we do not need a common criteria evaluation for this and we will not suddenly forget how to do sound engineering and no we do not need to do all that engineering right now for every possible future service and nor do we need to include "don't forget to do engineering" in this IESG statement. Regards, S. On 04/09/2014 03:12 AM, l.wood@xxxxxxxxxxxx wrote: > Gee, you don't need a threat analysis when you're going to protect against EVERYTHING! > > That's SECURITY! > > Lloyd Wood > http://about.me/lloydwood > ________________________________________ > From: ietf [ietf-bounces@xxxxxxxx] On Behalf Of Dick Franks [rwfranks@xxxxxxx] > Sent: 09 April 2014 01:02 > To: t.p. > Cc: IETF-Discussion > Subject: Re: Security for various IETF services > > On 8 April 2014 09:32, t.p. <daedulus@xxxxxxxxxxxxx<mailto:daedulus@xxxxxxxxxxxxx>> wrote: > > > The path that I have seen several Security ADs steer Working Groups down > is to start with a threat analysis before deciding what counter measures > are appropriate. > > > Several contributors have been saying exactly that for almost a week. > > These suggestions have been answered by dismissive emails and a relentless bombardment of magic pixie dust. > > > >