W3C home > Mailing lists > Public > ietf-discuss@w3.org > November 2002

Re: Mandatory MIME security

From: Keith Moore <moore@cs.utk.edu>
Date: Thu, 07 Nov 2002 13:15:20 -0500
Message-Id: <200211071815.gA7IFKl10895@astro.cs.utk.edu>
To: Dave Crocker <dcrocker@brandenburg.com>
cc: moore@cs.utk.edu, discuss@apps.ietf.org

> Thursday, November 7, 2002, 9:34:20 AM, you wrote:
> Keith> It seems quite reasonable to me that different MIME-based apps would
> Keith> make different choices here,
> 
> perhaps, except for the facts that,
> 
> a) they do not currently make those choices based on benefits of one over
> the other,

I can't speak about any of the IETF groups making such choices.  But
I can say there are certainly benefits of each one over the other, 
depending on what you are doing and the kind of deployment (and in 
particular the kinds of trust relationships) you expect.  That doesn't 
mean you can't make either one work for whatever purpose, but for
either choice applying it to some purposes are harder than others.
I think that its the real source of the division.
 
> b) there is no clear guidance about the differences between the two that
> warrants choosing between them,

clear guidance would help.

> c) as I note in the draft, having different working groups make different
> choices merely serves to ENSURE continued market fragmentation.

that's not apparent to me.  maybe it's explained in the draft,
which I haven't read yet.
 
> Let's be clear:  my draft is not about the merits of either spec, nor about
> the merits of seeking a single standard.  It is about the nasty but
> well-established market realities that we face for MIME security.
> 
> A standards group that ignores market feedback is engaged in expensive
> efforts with no practical benefit.

is there really just one market here?

Keith
Received on Thursday, 7 November 2002 13:16:02 UTC

This archive was generated by hypermail 2.3.1 : Monday, 16 July 2018 13:05:40 UTC