W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2001

Re: XML Signature is "evil" ;-))

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Sun, 09 Dec 2001 07:19:19 -0500
Message-Id: <200112091219.HAA0000035914@torque.pothole.com>
To: Svgdeveloper@aol.com
cc: w3c-ietf-xmldsig@w3.org

From:  Svgdeveloper@aol.com
Message-ID:  <c9.19bb0de8.29420a33@aol.com>
Date:  Fri, 7 Dec 2001 07:04:03 EST
To:  w3c-ietf-xmldsig@w3.org

>> > When I see an article that refers to "Draft Standard" (capitalised) stage for 
>> > a W3C specification, I have to ask if the author understands W3C process.
>> On the other hand, if you know the first thing about IETF process then you
>> know that "Draft Standard" is the step after "Proposed Standard" and before
>> "Standard", and it's a lot more official than the word "Draft" makes it 
>> sound.
>The above was sent to me off list and raises, from my point of view, an issue 
>relating to IETF process which I hope isn't too off topic.
>Some list members may be aware that a reason W3C issues "Recommendations" 
>rather than "Standards" is that W3C is a non-governmental body and, so I 
>understand, only inter-governmental bodies have an official right to issue 

The opinion of may people in the IETF is that the above is
superstition.  In fact, the status of something as being mandated by
government immediately makes some IETF people suspicous.  After all,
if a network protocol was worth anything, people would use it
spontaneously and the greatest strength of the early IETF efforts was
that they were not even just purely voluntary but their adoption was
activley discouraged by most civil governments.

>What is IETF's viewpoint on issuing "Standards"? Is it, implicitly, claiming 
>that an IETF "Standard" is legitimately so named?

Surely it's implict and obvious from the IETF documents which give the
procedures for the issuance of what the IETF and virtually everyone
else in the unvierse calls standards? Are you actually being so
pedantic as to make a distinction based on the captialization in
English of the word S/standard? How is this different from the PKCS
series of Public Key Cryptogrpahic Standards issued by RSA or the
zillions of other standards issued by consortia and companies? Given
the demonstranted incompetance of governments at promulgating
successful internetworking protocols, why should they have some magic
monopoly on the word "standard"?

>I am not trying to start a flame war or any such thing. But it does seem 
>potentially confusing that IETF issues "Standards", given what I understand 
>to be the status of IETF.

Although it was common in the early days of the IETF, I haven't heard
anyone raise the issue you do for over five years. It's sort of
refreshing, actually... If governments want to impress people who are
impressed by governments, they should label their stuff "government
standards" to avoid confusion.

>Andrew Watt

Received on Sunday, 9 December 2001 07:21:58 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC