W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

Re: non authenticated alternate services (was Re: AD review of draft-ietf-httpbis-alt-svc-10)

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 19 Jan 2016 10:15:21 +1100
Cc: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Mike Bishop <Michael.Bishop@microsoft.com>, Barry Leiba <barryleiba@computer.org>, "Julian F. Reschke" <julian.reschke@gmx.de>, "draft-ietf-httpbis-alt-svc@ietf.org" <draft-ietf-httpbis-alt-svc@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <387074BE-A612-4E8E-BCE8-DE45080BE72D@mnot.net>
To: Patrick McManus <pmcmanus@mozilla.com>

> On 19 Jan 2016, at 7:32 am, Patrick McManus <pmcmanus@mozilla.com> wrote:
>> If the phrase "strong authentication" is making this hard to understand, we might use something else (e.g., "have reasonable assurances that the alternative service is under control of the origin").
> that's better. maybe tweak with the "valid for the whole origin" concept? That would certainly include both valid cert as well as the .wk approach.. 

WFM. I'll update the branch.

Mark Nottingham   https://www.mnot.net/
Received on Monday, 18 January 2016 23:15:53 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:10 UTC