W3C home > Mailing lists > Public > ietf-discuss@w3.org > July 1999

RE: IAB draft on security

From: Paul Hoffman / IMC <phoffman@imc.org>
Date: Wed, 28 Jul 1999 09:47:16 -0700
Message-Id: <4.2.0.58.19990728094325.009a1680@mail.imc.org>
To: discuss@apps.ietf.org
At 05:02 PM 7/27/1999 -0700, Dave Crocker wrote:
>I don't agree.
>
>In effect, 1984 makes a set of cases about general issues.  It's entirely 
>generic.
>
>I think that something which analyses current detail would be appropriate.

I fully agree with Dave.

The question of "what about export rules" come up so often in various 
security debates that it really should be dealt with in the secmech 
document. Two or three paragraphs explaining why the IETF rules were 
adopted, what has transpired since RFC 1984 that have shown the rules to be 
good ones, and advice to implementors who are faced with legal issues 
implementing the mechanisms described in secmech would go a long way to 
getting security actually implemented correctly.

We're not trying to change the laws here, simply to explain why we are not 
paying attention to some transient local laws when we design protocols with 
security.

--Paul Hoffman, Director
--Internet Mail Consortium
Received on Wednesday, 28 July 1999 12:48:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 23 March 2006 20:11:26 GMT