On Sun, Jun 2, 2024 at 10:17 AM Russ Housley <hous...@vigilsec.com> wrote:
> EKR: > > I agree with most of your points about the process, but I want to respond > to this paragraph in particular. > > Similarly here, if the WG feels that a change is sufficiently large to > require formal analysis then the WG -- and more specifically those who > want the work to move forward -- need to figure out how to get that > analysis done, though of course the triage panel or the broader > community might help facilitate if there is enough demand or interest > in the work. > > > There was no consensus call by the WG Chairs. During WG Last Call, a few > people asked for formal analysis, but others felt that the informal > analysis in the document was good enough. > Agreed. The WG now needs to make a determination if one is required (unsurprisingly I think the answer should be yes), but I agree that has not happened. Sorry if my message gave a different impression. I realize that we are quite purposefully embracing formal analysis. It is > a good thing. The number of people that have experience with the tools is > very small. If this is going to be successful enough to expand to other > protocols, then we need to find ways to expand the size of this group. > I agree. I am hoping that if we are successful with routine use of formal analysis with TLS this will make the path easier for other protocols. -Ekr
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
