On 18 February 2015 at 18:36, Santosh Chokhani <[email protected]> wrote: > Ben, > > The document at least should describe what the residual vulnerability is if > the client does not take appropriate/recommended action.
I agree, and that is what I suggested in my response... > > -----Original Message----- > From: Trans [mailto:[email protected]] On Behalf Of Ben Laurie > Sent: Wednesday, February 18, 2015 11:25 AM > To: Karen Seo > Cc: [email protected] > Subject: Re: [Trans] updated attack analysis > > On 17 February 2015 at 19:04, Karen Seo <[email protected]> wrote: >> Folks, >> >> Sorry if my message implied that I thought the text was in its final >> form. I agree that there is not yet consensus on the text/topic and >> that further work is needed. However, if the working group agrees that >> the threat analysis should be added to 6962, then I believe it would >> be more expedient if the text were incorporated into 6962-bis sooner rather >> than later. >> Anyone who reviews 6962-bis will then likely review this text, >> increasing the number of eyes on it. And having the threat analysis >> in the draft will hopefully facilitate its use in ensuring that the >> document is consistent/correct/complete. Perhaps we could incorporate >> the next revision of the text with any remaining unresolved comments >> placed in the issue tracker? What do folks think? > > I would happily use it as a starting point for text in 6962-bis, but I would > feel compelled to remove text that attempts to force issues which the WG has > already decided to defer to later documents (such as the definition of a > gossip protocol), or has decided it does not have jurisdiction over (such as > client behaviour). > > _______________________________________________ > Trans mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/trans _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
