W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2006

Re: security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

From: Robert Sayre <sayrer@gmail.com>
Date: Wed, 18 Oct 2006 14:32:48 -0400
Message-ID: <68fba5c50610181132k7d2ca719hbb7f696bc898cdf8@mail.gmail.com>
To: "Julian Reschke" <julian.reschke@gmx.de>
Cc: "Roy T. Fielding" <fielding@gbiv.com>, "HTTP Working Group" <ietf-http-wg@w3.org> 

On 10/18/06, Julian Reschke <julian.reschke@gmx.de> wrote:
> Roy T. Fielding wrote:
> >
> > So, if anyone thinks that a secure authentication scheme is a cool
> > thing, they should propose one and eventually update RFC 2617 to
> > include it, at which point it will be an OPTIONAL secure auth
> > mechanism for HTTP/1.1
>
> I think that makes it clear that a revision of HTTP/1.1 can't make that
> change

I agree.

-- 

Robert Sayre
Received on Wednesday, 18 October 2006 18:32:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:53 GMT