Russ,
I really appreciate all the careful review you've given this. May
I ask you, though, not to hold the document on this issue? This has been
on the IESG plate for a very long time, and it is now very clearly marked
as a non-IETF view of the world. Though I'm sure we could continue
the dialog on these with the authors, I would really appreciate us having
that once the documents are published.
regards,
Ted
At 5:04 PM -0400 7/9/03, Russ Housley wrote:
draft-sun-handle-system-11.txt
Most of my previous concerns have been resolved. One remains.
In section 7.3, it says: "The trust between the client and its proxy
and caching server has to be setup independently." If the server
returns a signed response, I assume that the client can determine that
it came from the correct source, regardless of the number of proxies
that are in the middle of the communications path.