making progress

Based on the discussion over the past few days, I see a
couple of ways to make progress:

1) Try to come to closure on an updated/fixed specification
	of SSLv3.0 for the standards track, with no major
	changes
2) Split the document into the handshake and record layer
	pieces, and add additional documents for issues
	like shared-key authentication as needed
3) Continue discussion on changes such as shared-key
	authentication and attribute certificates until
	we have something to move forward

#1 can probably happen quickly, but may delay getting some
of the other issues resolved.

#2 might be possible, but runs the risk of wading into a morass of
complexity.

#3 is looking like we are unlikely to close for the December meeting.

Some questions to consider as well:

1. If we pursued option #1, and then never did anything else,
would the WG have been successful?

2. Can option #2 be reasonably executed in finite time, given
the experiences in other working groups?

3. Is it better now to advance the state of the art, given that we
have some user requirements, or simply to codify the current use?

Comments appreciated.

	- Win Treese

Received on Monday, 21 October 1996 01:28:39 UTC