W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1998

Minutes for HTTP working group meeting

From: Larry Masinter <masinter@parc.xerox.com>
Date: Thu, 27 Aug 1998 10:00:38 PDT
To: minutes@ietf.org
Cc: HTTP Working Group <http-wg@hplb.hpl.hp.com>
Message-Id: <000301bdd1dc$372abd00$aa66010d@copper.parc.xerox.com>
Minutes for the HTTP working group; Larry Masinter, Chair
42nd IETF.  Monday August 25, 1998
Reported by Ted Hardie (hardie@nasa.gov) and Larry Masinter;
please send any corrections or additions ASAP.

This (really!) was the last meeting of the HTTP working group
at IETF. The intent is to have final drafts submitted to 
internet-drafts, and forward to the ADs for Last Call, by 
the end of this week.

-  Implementation reports
-  Main draft: report on final issues
-  Authentication draft: report on final issues
-  closing the working group

Implementation Reports: 

Jim Gettys led a review of the status of implementation reports on the
base specification. To be fully satisfied, he believes the group
should put forward two interoperable implementations each for client
and server and should ideally put forward two proxies as well except
for the case where proxy behavior is no different than other parties.

Current implementation reports lack adequate testing of entity tags,
transport encoding, and trailers. One set of reports from a firewall
proxy have been removed from those indicate because it functioned
largely as a tunnel; we now need one additional report from a proxy
implementing DELETE.

For digest we have one fully tested client and one fully tested
server. Some of the newer features related to 3rd party authentication
are not yet available in any tested server. No proxy implementations
are yet available. The latest draft changes one of the hashes, so
current implementations will need to fix that and re-test.

At present the group believes that proxy authentication using Digest
requires no special handling, so that we will try to move forward
to IESG with the implementation reports that we currently have.

Independent of the "implementation reports", the chair raised the
question of whether there might still be a face to face event,
to insure interoperability in the context of complex interactions.
Yaron Goland of Microsoft suggested (and Josh Cohen later confirmed)
that the offer to host such an event still stood. A co-event with
ApacheCON or some similar event was also suggested.  Coordination
on such an event is continuing with; some of the participation can
be remote, although proxy testing seems to require more interaction.
Please contact Josh Cohen <joshco@microsoft.com> for arrangements.

Main HTTP Draft: Jim Gettys

Jim listed a number of editorial changes related to RFC2119 use of
MUST/MAY/SHOULD; the new draft will move all normative language out of
notes, for the sake of clarity. He also reviewed and the working group
accepted language around the NO-TRANSFORM flag.

After discussion of the merits of allowing Content-MD5 and Digest
Authentication headers to appear in trailers when a message is
chunked, the group decided to adopt Roy Fielding's proposal, which
states that Servers should not send essential headers in the trailer
when the Via headers indicate a 1.0 proxy may be part of the chain;
the group will also include language from Paul Leach which indicates
ways in which an upstream 1.1 proxy might assist a 1.0 proxy in
handling very large chunked responses using these trailers.

The working group discussed a proposal to create a method registry for
HTTP methods, but decided that related work implied a larger scope
than could be adopted by the group at this time. The group working on
HTTP-EXT has a current proposal on this topic, and it will be the
basis for further discussion and that group will be the forum for
further discussion.

The working group reconsidered the 416 header briefly; there is an
existing implementation of 2068's advice on out-of-bound ranges which
conflicts with the advice in 416. After discussion which reiterated
previous positions, the chair ruled that the group had come to rough
consensus on this matter and the issue would remain closed.

In response to a question on the use of Upgrade by Carl-Uno Manros,
the group noted that it does not see any need for changes to the
current specification to allow UPGRADE to work with TLS; it does
require a specification of a token for this use. Rohit Khare has
written a draft to this end and it will be passed by the TLS working
group before being sent to the IESG as an individual submission.

Jim Gettys offered to try to finish the main draft by 8/27, so that
it could be completed before the end of this IETF meeting.

Authentication draft: Scott Lawrence

A small editorial change is needed to the current draft to improve the
language related to Digest-URI. The URI is a component of the
authentication hash, but because of proxy transformation, the received
request-URI and the Digest-URI may differ. It is the server's
responsibility to ensure that the two refer to the same resource, and
the language will be tightened to make that clear.

An editorial change related to the scope of damage related to snooped
passwords is needed; the changes will be based on the language sent to
the list.

Scott Lawrence and Paul Leach offered to submit a revised draft
of the Authentication draft by 8/27, so that it could be submitted
before the end of this IETF.

- Closing the working group

The chair went through the steps needed to close the working group:

1)  Submit final drafts
2)  Submit implementation reports
3)  Send document to A-D for review
4)  IETF Last Call
5)  IESG review
6)  RFC Editor publication

These elements might be pipelined to finish more quickly; the
most serious element for quick conclusion are the implementation
reports, which, of course, depend on implementation testing
of the few remaining insufficiently tested features; if this can
happen in the next week, we can send the documents to the A-D
for review and IETF Last Call, which will likely be simultaneous.
Given the wide review that has already occurred in the working
group, it is likely that the IESG review will not be lengthy.

The working group will close after (5), which is likely as
soon as 2-3 months from now, and certainly before the next IETF

The working group mailing list will remain open after the close
of the working group.

At the close of the meeting, Keith Moore solicited feedback on the
IESG draft describing layering other protocols on top of HTTP,

Feedback should go to the IESG or discuss@apps.ietf.org.
Received on Thursday, 27 August 1998 10:05:38 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:20 EDT