W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Mark Nottingham <mnot@mnot.net>
Date: Fri, 24 Feb 2012 13:47:18 +1100
Cc: Tim Bray <tbray@textuality.com>, Peter Saint-Andre <stpeter@stpeter.im>, ietf-http-wg@w3.org, IETF-Discussion <ietf@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, The IESG <iesg@ietf.org>
Message-Id: <3FE51BFF-EB61-40FA-8882-5E8AA4783B27@mnot.net>
To: Roy T. Fielding <fielding@gbiv.com>
On 24/02/2012, at 12:24 PM, Roy T. Fielding wrote:

> On Feb 23, 2012, at 5:18 PM, Tim Bray wrote:
>> On Thu, Feb 23, 2012 at 5:13 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
>> 
>>> How many times do we have to do this before we declare insanity?
>>> I don't care how much risk it adds to the HTTP charter.  They are
>>> all just meaningless deadlines anyway.  If we want HTTP to have
>>> something other than Basic (1993) and Digest (1995) authentication,
>>> then it had better be part of *this* charter so that the proposals
>>> can address them.
>> 
>> Well, Digest already isn't used by anyone :)
> 
> A popular misconception because it works unseen.  See tools.ietf.org
> 
>> Seriously, someone needs to propose some charter language or this
>> discussion is a no-op.  -Tim
> 
> "Proposals for new HTTP authentication schemes are in scope."

No one has said they're out of scope; this discussion has been about whether -- at this point in time, before we have proposals -- we require the outcome to jump through some particular hoop regarding security. 


Cheers,



--
Mark Nottingham   http://www.mnot.net/
Received on Friday, 24 February 2012 02:47:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT