Re: [yam] [secdir] secdir review of draft-ietf-yam-rfc1652bis-03

[S Moonesamy <sm+ietf@elandsys.com>]

Hello,

The Last Call for draft-ietf-yam-rfc1652bis-03 ended 
yesterday.  There wasn't any comments.  This I-D will be evaluated by 
the IESG on March 11.  I am waiting for a recommendation from Dave 
regarding the Secdir review.

At 03:35 06-03-10, Alessandro Vesely wrote:
>Yes, it is the deployment of a security add-on, though.

After reading the WG feedback, I prefer not to explore this question further.

>I don't know what "actual substance" outside of yam's scope Dave has 
>been talking about.

I'll refer you to Dave for the authoritative answer.  My 
interpretation is that there can be a good argument in support of a 
change but that change may not be within the parameters set in the 
YAM WG Charter.  It has to be demonstrated that a change "contributes 
in a substantial and substantive way to the quality and 
comprehensibility of the  specification".

>Mail is often overlooked during generic talks about Internet 
>security, where they primarily consider the web and the DNS. My 
>feeling is that the WG should attempt to correct such general 
>stance, but not at the cost of "leading to madness", in John's words.

Your last sentence sums up why it may not be a good idea for the YAM 
WG to attempt to correct that.

>For the specific 8BITMIME case, I also agree with what Ned has said. 
>It would sound grandiloquent to say that 8bit is dangerous because 
>it is one of the many ways to break DKIM. I don't think it is a real concern.

Noted.

I'll comment off-list on the last paragraph of your message as I will 
be off-topic.

Regards,
S. Moonesamy
YAM WG Secretary