On Mon, Oct 04, 2010 at 11:14:20AM -0400, Joe Abley wrote:
>
> On 2010-10-04, at 11:11, Eric Rescorla wrote:
>
> > Carefully specified, perhaps, but what you're saying here also makes me
> > think it was
> > also incorrectly specified, since, as I said, the technique I described is
> > well-known,
> > and failing to do so leads to precisely the complications that are at issue
> > here.
>
> Regardless of what you think of it, what we have is what we have. Specifying
> a trust anchor publication strategy that works with something different seems
> a little pointless.
i think the correct point is, this work documents what _was_ done, eg.
a historical
fact. It also lays out what the authors think is best practice, given
the current
constraints.
Its kind of tough to argue w/ someones beliefs.
Facts - yes, beliefs - not so much.
If there are factual errors in what occured, those can and should be
corrected.
> > So, rather than designing a bunch of kludgy workarounds, it would be better
> > to ask
> > what the right thing to do is, even if that requires changing some
> > preexisting
> > document.
>
> Workarounds to what?
>
> I have not heard a clear description of a problem yet, just a lot of possible
> solutions.
And yet, you were part of a team that spent hundreds of thousands of
dollars
and several man-years working on a solution to a, as you state above,
to a
problem without a clear statement?
I'd susggest that there might be better ways to do key management and
that EKR
might have some good ideas on the subject. But thats _future_ work.
--bill
>
>
> Joe
>
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
