[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Does the problem need solving?

At 4:07 PM -0400 6/19/07, Tim Polk wrote:
If you look at the goals specified in the introduction of draft-narten-successful-bof-02.txt, we will be concentrating on the first two:
demonstrate that the community has agreement that:

    - there is a problem that needs solving, and the IETF is the right
      group to attempt solving it.

    - there is a critical mass of participants willing to work on the
      problem (e.g., write drafts, review drafts, etc.)

Even though we have gone well over a decade without an interoperable solution, I think we got here mostly through applied denial and kludges. One result of that has been that organizational users of PKI are stuck with having to live with the trust decisions made by their OS vendors, their applications vendors, or both. Another is that people have been trained to click through the "this cert is not signed by a trusted root" dialog because it is too hard for an enterprise to push their desired trust anchors to their employees.

I would argue in favor that the problem needs solving. I hope that there is also a critical mass of people who care enough about the future of the PKI user experience to do the work.

--Paul Hoffman, Director
--VPN Consortium