W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: Straw-man charter for http-bis

From: Yves Lafon <ylafon@w3.org>
Date: Fri, 8 Jun 2007 05:56:55 -0400 (EDT)
To: Henrik Nordstrom <henrik@henriknordstrom.net>
Cc: Justin Erenkrantz <justin@erenkrantz.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <Pine.LNX.4.64.0706080527060.29476@ubzre.j3.bet>

On Thu, 7 Jun 2007, Henrik Nordstrom wrote:

> tor 2007-06-07 klockan 10:57 -0700 skrev Justin Erenkrantz:
>
>> Right - the IETF can wave a magic wand here, but it won't help as
>> deploying new versions of the servers and the clients take years.
>
> My rough estimate for getting a secure HTTP authentication scheme widely
> deployed is about 15 years, assuming that it takes no more than 5 to get
> it to draft standard. This assuming no major revisions of HTTP is needed
> along the way in which case add another 5 to 10 years..

Many sites moved away from HTTP authentication, not so much because of the 
technical aspects of basic or digest, but mostly because there was no good 
UI in browser. Of course browsers are not the only consumers of HTTP, far 
from that, but when defining a new authentication scheme, having a way to 
present it nicely in browsers would be part of the adoption path.

Henrik's timeline is describing the positive outcome of creating a new 
HTTP auth scheme.

-- 
Baroula que barouleras, au tiéu toujou t'entourneras.

         ~~Yves
Received on Friday, 8 June 2007 09:56:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT