Re: Issue 141: "should we have an auth scheme registry"

Hi Julian,

--On September 15, 2010 2:39:45 PM +0200 Julian Reschke 
<julian.reschke@gmx.de> wrote:

>> this issue has been waiting for the authentication framework to become
>> part of P7. Now that this has been resolved experimentally (pending IESG
>> approval), we can get back to it.
>>
>> Things to decide:
>>
>> 1) What kind of registration requirements do we want to have?
>>
>> 2) How do we populate the registry?
>>
>> 3) Which schemes do we want to populate the registry with?
>>
>> Proposal:
>>
>> 1) Same as status codes and method names, meaning "IETF Review", as
>> defined in <http://tools.ietf.org/html/rfc5226#section-4.1>:
>> ...
>
> Clarifying (after getting an off-list question): yes, this would allow
> Informational and Experimental RFCs (when using the IETF stream).

SASL has an auth scheme registry 
(<http://www.iana.org/assignments/sasl-mechanisms>). We can probably model 
ours after that (possibly adjusting if there are known problems with the 
SASL one). One thing the SASL registry has is the "Usage" column which I 
think we definitely should adopt. Also, the possibility of registering a 
"family" of schemes through use of a wildcard indicator, e.g. "GS2-*" used 
in SASL.

-- 
Cyrus Daboo

Received on Wednesday, 15 September 2010 15:51:21 UTC