Sent from my iPhone > On May 11, 2019, at 12:34 PM, Ned Freed <ned.freed@xxxxxxxxxxx> wrote: > > It's even better to continue to have customers and stay in business. Why would you say this? Of course we all understand that there will be pressure to do less work, and consequently produce less secure implementations. The question is, should the IETF assist or hinder this practice? Should we normalize it or, not to put too fine a point on it, write our specs in such a way that when you do this it’s easy to demonstrate misfeasance when you are taken to court?