[ietf-dkim] Expediting the threat analysis for -core
Scott Kitterman
ietf-dkim at kitterman.com
Mon Nov 21 06:56:00 PST 2005
On Fri, 18 Nov 2005 08:12:32 -0800 Dave Crocker <dhc at dcrocker.net> wrote:
>Folks,
>
>My impression is that the threat analysis for SSP is far, far more
>challenging than for the core DKIM services. At the least, this is
because
>we understand SSP far less.
>
>This means that having the threat analysis document include the SSP area
of
>concerns is certain to protract producing the document. Since the threat
>analysis document is in the critical path of producing the core document,
>that means delays in getting out the base specification of the working
group.
>
>Methinks it worth considering de-coupling things at the TA level, not just
>the specification level.
>
I agree that there has been a lot of traffic on SSP security concerns. I
don't think that the volume of traffic is related to actual uncertainty
about SSP security.
Scott K
More information about the ietf-dkim
mailing list