[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Truce (was Re: Comments on CRACK)

"Theodore Y. Ts'o" wrote:
> We're arguing over protocols when we haven't agreed what the basic
> requirements are; as a result, we have multiple different incompatible
> protocols (including more than one version of XAUTH), all trying to
> solve the same problem, and people talking past one another about what's
> important and what's not.
> In my opinion, what we need to do is call a halt, take a deep breath,
> and return to basics --- to wit, a formal requirements document.  This
> may take time, but it's likely to be the one that's most likely to yield
> forward progress.  Xauth and its sister contenders have been on the
> table for a long time, and we haven't been able to come to consensus so
> far; does anyone really think that we will be able to obtain consensus
> by continuing this path?

Of course, Ted is right. The dogmatic tone of our discussion to date is
ample evidence of that. I am going to resist the urge to reply to the
pile of email on this topic this morning pending further requirements
discussion. I suggest that Vipul Gupta's remote access draft is probably
a very good starting point for a requirements draft. Does anyone else
have an opinion on this (need I ask)?