- From: Dave Crocker <dcrocker@brandenburg.com>
- Date: Tue, 27 Jul 1999 15:35:18 -0700
- To: Brian E Carpenter <brian@hursley.ibm.com>
- Cc: Larry Masinter <masinter@parc.xerox.com>, discuss@apps.ietf.org
At 03:10 PM 7/27/99 , Brian E Carpenter wrote: > > A document that gives security guidelines for IETF protocols > > should explain this policy and its impact. > >Not while I'm in the liability line of fire, thank you. Permit me to presumptuously re-word Larry's suggestion: A particular set of security technology and operations constraints are believed by the expert security technical community to carry a particular set of exposures and might also carry a set of mis-perceived comforts. It would be entirely reasonable for the IETF/IAB to produce a paper stating those constraints, exposures and mis-comforts. Done objectively, the fact that the constraints might perfectly align with a particular group's security policies seems unlikely to create legal exposures (though, yes, I would expect the legal mis-comforts to continue.) d/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Dave Crocker Tel: +1 408 246 8253 Brandenburg Consulting Fax: +1 408 273 6464 675 Spruce Drive <http://www.brandenburg.com> Sunnyvale, CA 94086 USA <mailto:dcrocker@brandenburg.com>
Received on Tuesday, 27 July 1999 18:50:10 UTC