"Blanket dismissal of substantive concerns is not the usual approach to work in the IETF." It's been the norm ever since perpass and RFC 7258. Because... security! Security work gets a free pass. Lloyd Wood http://about.me/lloydwood ________________________________________ From: ietf <ietf-bounces@xxxxxxxx> on behalf of Dave Crocker <dhc@xxxxxxxxxxxx> Sent: Wednesday, 27 August 2014 2:12:19 PM To: IETF Discussion Subject: draft-dukhovni-opportunistic-security-04 Folks, A new version of the draft was issued today. And the Sponsoring AD promptly decided that there is IETF consensus on the draft, scheduling it for the next IESG telechat. The Sponsoring AD has deemed all changes since the -02 version is minor. This is spite of the fact that /nearly every word/ of the newest draft is new. Yes, really: https://www.ietf.org/rfcdiff?url1=draft-dukhovni-opportunistic-security-03&difftype=--hwdiff&submit=Go!&url2=draft-dukhovni-opportunistic-security-04 I did another detailed review of the draft: http://www.ietf.org/mail-archive/web/saag/current/msg05531.html including: > Summary: > > The paper defines and explains flexible approach to the use of > encryption on the Internet. It assigns the term 'opportunistic > security' to this term. > > The latest draft has extensive changes from the previous version. > > Although many of the changes are quite helpful, the document still > suffers from confusing or unexplained terminology and some unfortunately > initial organization. > > A number of points from previous reviews have not been addressed. > > The paper continues to freely make strong assertions, without > providing any substantiation or even, in some cases, explanation. At a > minimum, every term that is used, every assertion that is made and > anything else that derives from Internet experience should be documented. > > Concerns with the term "opportunistic security" persist. It is both > vague and overblown, given the specific technical point it is meant to > address. That concern is about encryption and the term should make that > clear. > > The paper still needs extensive revision before it should be > considered for publication. Blanket dismissal of substantive concerns is not the usual approach to work in the IETF. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net