- From: Robert Sayre <sayrer@gmail.com>
- Date: Tue, 17 Oct 2006 20:38:15 -0400
- To: "Bjoern Hoehrmann" <derhoermi@gmx.net>
- Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
On 10/17/06, Bjoern Hoehrmann <derhoermi@gmx.net> wrote: > * Robert Sayre wrote: > >On 10/17/06, Lisa Dusseault <lisa@osafoundation.org> wrote: > >> > >> Since there are so many ways to approach this, so many variations in > >> what specs are revised and how they depend upon each other, I can't > >> say whether I, or the IESG, expect a revision to RFC2616 to "step > >> into" the area covered by RFC2617. > > > >Perhaps we should poll the HTTP community as a start. Does anyone > >think mandatory-to-implement security mechanisms will be helpful and > >realistic? > > Of course! Are you proposing to remove all the existing mandatory-to- > implement security mechanisms in RFC 2616 and RFC 2617? Björn, This is not a very helpful answer. Let me be more specific. Does anyone think mandatory-to-implement authentication schemes or transport-layer security mechanisms will be helpful and realistic? -- Robert Sayre "I would have written a shorter letter, but I did not have the time."
Received on Wednesday, 18 October 2006 00:38:21 UTC