Re: rough consensus

[Kent Crispin <kent@xxxxxxxxxxxxxxxxxxxx>]

On Thu, Oct 30, 1997 at 04:11:20PM +0100, Ulf Möller wrote:
> Several WG members and other recognized crypto experts consider any
> form of message recovery dangerous, others do not agree with the way
> it is implemented in PGP in particular.

However, these are primarily political considerations.  Certainly, 
there are security implications as far as message recovery is 
concerned, but security considerations are application-specific -- 
that is, most commercial applications don't require anything 
approaching military-grade secrecy.  And certainly, with care, CMR as 
implemented by PGP can be *very* secure.

> So, if the IESG gives its WG chairs the power to decide whatever they
> consider appropriate, fine, but please save ourselves the Newspeak of
> calling that "rough consensus".

Perhaps, then, you would rather have no standard at all, than a
standard that refers to PGP's CMR implementation?  

To put it a bit more baldly, the question is are you willing to
disrupt the process if you don't get things your way?  And, given 
that some people will answer that in the affirmative, how would you 
expect the WG chair to handle it?

-- 
Kent Crispin				"No reason to get excited",
kent@xxxxxxxxxxxx			the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html