On 9/10/18 3:15 PM, Ryan Sleevi wrote: > Could the chairs clarify: Given Draft-15 has been published, is there an > intent to surface a new WGLC? Or is the view that Draft-15 should only > address the specific feedback raised, and no new issues can be noted?
The correct answer to nearly every question is "it depends," and in this case it depends on the following sentence: > As > it stands, I don't believe the document is reflective of the existing or > proposed CT ecosystem as it relates to the Web PKI, nor accurate in the > problems it does describe or addressing the problems that many in the > ecosystem are concerned about. If this document isn't accurate with respect to the protocol, deployments, or both, that's a serious problem. For the threat analysis to be helpful it has to be correct. If the draft can be revised to be brought into line with what's been learned from implementation and deployment experience, and it results in a substantial rewrite, it will need to go into working group last call again. We can streamline it a bit by resolving issues as they're raised and then use a shortened wglc. Whether or not the result would be useful in practice is a question for the community, not the chairs. Thanks for the effort so far (and the effort yet to come!), Melinda -- Melinda Shore [email protected] Software longa, hardware brevis _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
