W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Tim Bray <tbray@textuality.com>
Date: Tue, 21 Feb 2012 14:46:14 -0800
Message-ID: <CAHBU6iuNhkPGZ5M3FyM2aZmqzVmRW2iRvtyQaYhk65s4FuVZDg@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Julian Reschke <julian.reschke@gmx.de>, ietf-http-wg@w3.org, IETF-Discussion <ietf@ietf.org>, iesg@ietf.org
[in-line]

On Tue, Feb 21, 2012 at 2:40 PM, Mark Nottingham <mnot@mnot.net> wrote:
>> And then should it include adding some new options
>> or MTI auth schemes as part of HTTP/2.0 or even looking
>> at that? (I think it ought to include trying for that
>> personally, even if there is a higher-than-usual risk
>> of failure.)
>
>
> Based on past experience, I think the risk is very high, and we don't need to pile any more risk onto this particular project.

+1

HTTP's ability to be equipped with security technology has been
adequate, and I haven't heard much argument that its semantics were
the big obstacle to newer/better security.  Preserving its semantics
means its successor should be equally adequate.

Mnot is *understating* the risk of loading up the charter with this stuff. -T
Received on Tuesday, 21 February 2012 22:46:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT