Whoops, Sara is right and I was wrong. What the WG agreed to was in the
slides in Yokohama:
=====
Explicitly state that an upcoming document will define further
authentication profiles
Draft in development, will be submitted ASAP
This draft will document Opportunistic and briefly cite the risk-benefit
for it
This draft will provide a brief sketch of authentication in the case
where there is a two-way active relationship between the client and the
server (e.g. enterprise)
=====
Unlike what I said a bit ago, we obviously can't pull out the current
security requirements and point to a future document: that will never
fly with the IESG (and nor should it).
--Paul Hoffman
_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
