[rfc-i] Signing RFCs
bob.hinden at gmail.com
Wed Jun 29 10:03:23 PDT 2011
> Using one's own digital signatures to validate that the storage of the RFC copies is secure is reasonable (under the assumption the signing key is well secured)…
> I have no object to signing RFC, even if just for the hell of it.
Good to hear.
> I simply don't agree that they'll have a significant impact on the amount of work required by the IETF (and/or related organizations) to respond to subpoenas and other legal enquiries.
Only time will tell. Who knows, maybe we will help set an important legal precedent. If not, then it won't.
> The best way to reduce the work is to limit your response to facts you know, not opinions you have or might be able to develop.
> I have no problem with the RFC Editor, in response to a question about RFC XXX published on DATE Y, answering "Here's RFC XXX as published today" and simply not offering an opinion as to what was published on DATE Y. For all the RFC Editor knows, the server could have temporarily published something else on that date, digital signatures or not.
> -- Kurt
More information about the rfc-interest