[ietf-dkim] Re: the Internet is inherently insecure
nobody at xyzzy.claranet.de
Tue Jan 31 16:01:55 PST 2006
J.D. Falk wrote:
> Are there truly no bounds on the threat analysis?
Of course there are, as Phil explained it yesterday: Get some
"WG rough consensus" and a GO from the proto-shepherd (or from
the real shepherd, Russ), submit to IESG, get GenArt review
nits and IESG [Discuss], fix that in a new revision supported
again by "WG rough consensus" and another GO, submit it again
to the IESG. Let at most five (?) [Discuss] drop to [Abstain]
turning the rest into [No objection] or [Yes], that's all.
The potential deadloop if there's no GO is a bug in the proto-
draft. If the real shepherd refuses to vote "yes" it would be
a rather odd case (but it's not impossible), and we're in some
Best plan would be to ask for an "IETF last call", that would
avoid IESG attempts to try stupid things (like "senderid").
It would also almost guarantee that we don't get away with an
insufficient threat analysis. The real danger are bad RfCs,
not procedural dead locks. It has to be good enough for the
folks that are no "DIM fans", or generally of screwing with
mail and / or security.
More information about the ietf-dkim