[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue with the requirements document: PKIX-centric terminology


If we don't include their documents as a normative reference does this still
hold true?  We don't expect everybody that might use TAM deliverables to
have publiclly available documents for their architectures, etc. We do
expect and want people to come and contribute to the work - but the oneous
is on them to see that it supports their use cases.



Certainly someone may make use of TAM even if we never know about their context, protocol constraints, etc.

The question I was raising is whether we consciously try to accommodate use cases that depend on standards controlled by other organizations (without a liaison relationship) or in areas where there are no standards and where proprietary mechanisms are the rule. A secondary question is, if we do try to accommodate use cases from such contexts, do we give them equal weight relative to use cases that reside within the IETF purview. For example, if we have X.509, OPGP, and DNSSEC-based use cases, do we pay more attention to them?