W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Tim Bray <tbray@textuality.com>
Date: Tue, 21 Feb 2012 14:46:14 -0800
Message-ID: <CAHBU6iuNhkPGZ5M3FyM2aZmqzVmRW2iRvtyQaYhk65s4FuVZDg@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Julian Reschke <julian.reschke@gmx.de>, ietf-http-wg@w3.org, IETF-Discussion <ietf@ietf.org>, iesg@ietf.org

On Tue, Feb 21, 2012 at 2:40 PM, Mark Nottingham <mnot@mnot.net> wrote:
>> And then should it include adding some new options
>> or MTI auth schemes as part of HTTP/2.0 or even looking
>> at that? (I think it ought to include trying for that
>> personally, even if there is a higher-than-usual risk
>> of failure.)
> Based on past experience, I think the risk is very high, and we don't need to pile any more risk onto this particular project.


HTTP's ability to be equipped with security technology has been
adequate, and I haven't heard much argument that its semantics were
the big obstacle to newer/better security.  Preserving its semantics
means its successor should be equally adequate.

Mnot is *understating* the risk of loading up the charter with this stuff. -T
Received on Tuesday, 21 February 2012 22:46:41 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 1 October 2015 05:36:50 UTC