On Tue, Nov 19, 2013 at 10:39:00AM +0100, Eliot Lear <[email protected]> wrote a message of 55 lines which said:
> in fact there are several different forms. I find three: 1) Encryption without a peer-specific arrangement. This is the meaning used in RFC 4322. Can be safe. 2) Encryption without authentication. This is the meaning used in RFC 5386. Safe only against a purely passive attacker. 3) Encryption with a fallback to unencrypted mode. This is the Wikipedia definition. Certainly unsafe. draft-cooper-ietf-privacy-requirements-01 mixes 1) and 2) > As such, it's a good opportunity for an informational document. Volunteers are welcome to start from the list above :-) _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
