On Mon 2015-06-08 14:02:52 -0400, Melinda Shore wrote:
> Thought this one should be run past the working group: should
> a description of the implications of clients not doing certain
> optional checks be moved to the threat analysis draft?
Yes, i think it belongs in the threat analysis, so that we can keep
mechanism separate from more in-depth analysis.
The analysis might also be more nuanced than piecemeal implications on a
per-client basis: this is a sort of "herd immunity" situation, there are
may be ways that the system breaks down when only some fraction of
participants behave in certain ways. I don't know how to characterize
this sort of tradeoff explicitly, but perhaps some of the folks modeling
CT behavior can contribute details? They would certainly be good for us
to understand.
This analysis is important, but it might be too complex to overload
6962bis with, if we want 6962bis to be an effective implementer's
reference. putting it in the threat-analysis draft would let us treat
the topic in more depth, if anyone has research worth sharing with the
community.
--dkg
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
