On Mon, Jan 06, 2020 at 11:28:50AM -0500, Michael Richardson <mcr+ietf@xxxxxxxxxxxx> wrote a message of 201 lines which said: > Myself, I find the use a machine parseable file in format ".txt" to > be counter-intuitive. Others have said it should be .json, and that > we should use JOSE to sign. Strong *no* from me. The entire idea of security.txt was for it to be simple to *write*, with ordinary tools, and no need to check the syntax. Otherwise, adoption would probably suffer. > 2) it is .json, it is machine parseable, and is JOSE signed. Pointers to software to create JOSE signatures from a JSON file are welcome. > I think that foundil-securitytxt should go back to saag for discussion. I disagree. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
