On Fri, 15 Aug 2014, Dave Crocker wrote:
I'll repeat my point about the problems with saying 'security' rather than 'encryption'. This draft is now clearly and solely about encryption. And that is exactly the right focus for the draft. In this draft, authentication is only in the service of better encryption. And no security mechanisms other than encryption (and authentication) are discussed. Nor should they be.
So I'll repeat my suggestion: Either use "opportunistic encryption" and expand upon the existing definition, to increase it's scope. Or choose a term like "Best Effort Encryption", which is entirely intuitive, clear and accurate.
Agreed. I still do not think the term Opportunistic Security is right, for exactly these reasons. I'm not sure if I like going back to Opoprtunistic Encryption, but I'm less against it than I was before. Best Effort Encryption seems intuitive to me, but apparently that's not the case for everyone. Background Encryption ? Preemptive Encryption ? Preventive Encryption ? Preventative Encryption ? Countermeassure Encryption ? Remedial Encryption ? Paul