On Tue, Aug 28, 2012 at 10:58 AM, Tim Moses <tim.mo...@entrust.com> wrote: > Colleagues - As discussed, the idea is to document the Web PKI as it is > practiced today. Generally, that means considering product versions other > than the most recent one from each significant supplier. But, in order to > keep the workload at a manageable level, we will have to eliminate product > versions that are seldom encountered today. Without making reference to > specific products and versions, it's tough to come up with an objective > criterion for identifying the versions that deserve to be documented. > Therefore, I believe we have to rely on experts' judgments. > > As a guide, we might agree that, in order to warrant consideration, a > technique must be involved in more than one percent of connections that use > the Web PKI. While we would not attempt to apply this threshold with any > precision, contributors may appeal to it in order to justify their exclusion > of a particular technique. Then the disputant would be called upon to > demonstrate that the technique was more prevalent. > > What do others think?
1% seems reasonable although, if anything, a little high. There are workarounds that apply to less than 1% but are, none the less, important. But any number 0.1%..1% seems sane. Cheers AGL _______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops
