Colleagues - One of the premises of this initiative (perhaps the main premise) was that product developers would be willing to be governed by the results of an industry consensus process when it comes to handling certificates and acting on the results of certificate validation. That is, that developers would see value in claiming conformance to any resulting standard. For instance, suppose consensus were to emerge that certain certificate validation failures should be "fatal" (i.e. the associated application should refuse to perform the requested operation), would application developers be willing to modify their products accordingly?
Nothing in the discussions on the list to date confirms or refutes the premise. I think it would be useful to hear from developers of relevant products how they would view the outcome of this type of IETF initiative. Thanks a lot. All the best. Tim. T: +1 613 270 3183
_______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops