W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: Straw-man charter for http-bis -- call for errata/clarifications to 2617

From: Robert Sayre <sayrer@gmail.com>
Date: Thu, 31 May 2007 01:28:39 -0400
Message-ID: <68fba5c50705302228v7f8ab278y50cf38c9f971f0a3@mail.gmail.com>
To: "Mark Nottingham" <mnot@mnot.net>
Cc: "Larry Masinter" <LMM@acm.org>, "Eliot Lear" <lear@cisco.com>, "Julian Reschke" <julian.reschke@gmx.de>, "Paul Hoffman" <phoffman@imc.org>, "Apps Discuss" <discuss@apps.ietf.org>, ietf-http-wg@w3.org

On 5/31/07, Mark Nottingham <mnot@mnot.net> wrote:
>
> Robert's draft is orthogonal to a 2617 update; the idea of that is to
> address the need for MTI security.

My draft is orthogonal to things that are unimplementable, because it
seeks to document what has actually happened, and why it did. It may
be possible to design an MTI scheme for HTTP. So far, the text in my
draft leads me to believe that HTTP authentication is wedged between
graphic design, scalability, and security in such a way that
implementors of a given protocol will never be able to agree on shared
trade-offs. But I have only written what I know. I'm sure the document
can be augmented and corrected.

> It would be interesting to compile issues for 2617 as well, to see
> what the scope of work would be. If we can keep the scope to errata
> and clarifications (i.e., not introducing new schemes), it might be
> doable.

My feeling is that the current schemes can be updated by documenting
the internationalization behavior of popular implementations, but
nothing else is worth doing.

-- 

Robert Sayre

"I would have written a shorter letter, but I did not have the time."
Received on Thursday, 31 May 2007 05:35:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT