[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Issue with the requirements document: PKIX-centric terminology
If we don't include their documents as a normative reference does this still
hold true? We don't expect everybody that might use TAM deliverables to
have publiclly available documents for their architectures, etc. We do
expect and want people to come and contribute to the work - but the oneous
is on them to see that it supports their use cases.
Certainly someone may make use of TAM even if we never know about
their context, protocol constraints, etc.
The question I was raising is whether we consciously try to
accommodate use cases that depend on standards controlled by other
organizations (without a liaison relationship) or in areas where
there are no standards and where proprietary mechanisms are the rule.
A secondary question is, if we do try to accommodate use cases from
such contexts, do we give them equal weight relative to use cases
that reside within the IETF purview. For example, if we have X.509,
OPGP, and DNSSEC-based use cases, do we pay more attention to them?