Hiya, On 06/08/14 14:43, Dave Crocker wrote: > On 8/6/2014 5:24 AM, Stephen Farrell wrote: >> Hierarchy isn't the right concept here. >> >> There are different states that might result after some >> opportunistic security steps are taken in a protocol. > ... >> There are also interactions between all the above and the >> particular protocol we're trying to secure, > ... >> Its very important to note that there isn't even a partial >> order of the various end states on which we can always >> generically agree, never mind a full ordering. > > > Stephen, > > All of the above means that this term is for use only by security > experts, since it makes the term unwieldy for use by anyone else. Not "only," nor just "experts" - I think the term is meant for protocol developers that care about and know something about security. An average or better IETF participant I guess would be the right target. (Please also note that this draft is not meant to say how to apply OS to your protocol, nor is it a beginners tutorial. The former is another day's work, but is the kind of thing that we also need to do after this bit is done, and probably via an update to BCP72. The tutorial thing may well be better done outside the IETF.) > I'll also note that the draft says nothing like the above. That should > bother you, and everyone else. It doesn't though:-) Maybe its a fair point though that the draft assumes a bit too much knowledge on the part of the reader. I'd have to go check again. > Worse, the different responses from folks who have been active in the > discussion and who try to explain the term show different > understandings/meanings. Still. After all this time and discussion. > > For the term to be useful, it MUST have a simple meaning that is shared > amongst its users. Otherwise, we are through the looking glass. I fully disagree. It seems to me that Viktor, Steve K, Scott K, Nico and I and others are all saying the same thing in different words and are in fact agreeing with one another. Yet to you it seems that we're not. That is an issue to look at yes. So I need to look back and see what it is that you (and the few other folks who've commented similarly) are finding problematic. Right now, I'm just not getting it tbh, but I expect we'll figure it out. However I *really* do not think we'd be wise to re-start the work looking for a new term or a new meaning so I won't comment on your suggestions along those lines. S.