[995] in WWW Security List Archive
Re: Comments on STT Spec Implementation Details
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Thu Oct 5 18:27:38 1995
To: Rick Johnson <rickj@microsoft.com>
cc: cypherpunks@toad.com, www-buyinfo@allegra.att.com,
www-security@ns2.rutgers.edu
In-reply-to: Your message of "Tue, 03 Oct 1995 19:52:48 +0700."
<9510040519.AA05397@netmail2.microsoft.com>
Reply-To: perry@piermont.com
Date: Thu, 05 Oct 1995 14:55:39 -0400
From: "Perry E. Metzger" <perry@piermont.com>
Errors-To: owner-www-security@ns2.rutgers.edu
Rick Johnson writes:
> We're very interested in feedback and specifics on this. We worked to
> keep _only_ the detail we felt required to implement STT -- the
> language is intentionally terse. However, it is in everyone's best
> interest that the STT spec is completely understood and implementable.
My suggestion, which I made when Microsoft made a presentation at the
IETF meeting in Stockholm and then had the gall to say "oh, no, we
don't intend to publish an internet draft" is that you publish this as
an internet draft and try to shepard it through the IETF's
standardization process. You will, of course, be savaged, but that is
in the interests of everyone, including you.
The belief that companies can make more money by following proprietary
solutions and imposing them on the world as standards is falling
away. It is in Microsoft's interest that the standard that is adopted
for commerce be open, publically discussed at length, and brutally
critiqued. Losing a bit of control in exchange for actually getting
something that works out for you and your customers is in your interest.
Perry
