W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2006

Re: security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Wed, 18 Oct 2006 02:35:09 +0200
To: "Robert Sayre" <sayrer@gmail.com>
Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
Message-ID: <j5taj29f10langai2k0hgitl7hstqheg2f@hive.bjoern.hoehrmann.de> 

* Robert Sayre wrote:
>On 10/17/06, Lisa Dusseault <lisa@osafoundation.org> wrote:
>>
>> Since there are so many ways to approach this, so many variations in
>> what specs are revised and how they depend upon each other, I can't
>> say whether I, or the IESG, expect a revision to RFC2616 to "step
>> into" the area covered by RFC2617.
>
>Perhaps we should poll the HTTP community as a start. Does anyone
>think mandatory-to-implement security mechanisms will be helpful and
>realistic?

Of course! Are you proposing to remove all the existing mandatory-to-
implement security mechanisms in RFC 2616 and RFC 2617?
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Wednesday, 18 October 2006 00:35:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 September 2008 03:48:54 GMT