Re: Internet Draft: HTTP += SASL

FYI.  Are you aware of the previous effort in this area 
https://tools.ietf.org/html/draft-nystrom-http-sasl-12

And did it inform your draft in any way?  I don't know why this draft 
went stagnant.  Perhaps someone else on the list has the history behind it.


On 1/21/20 3:23 AM, Rick van Rein wrote:
> Hello,
>
> The following I-D is a specification that adds SASL authentication to
> HTTP.  It allows sharing security mechanisms with other protocols such
> as for email, and resolve security matters in transport-level software
> rather than in applications.  I believe this offers dramatic benefits.
>
> An informal example run is presented on
> http://internetwide.org/blog/2018/11/15/somethings-cooking-4.html
>
>
> We are looking forward to hearing your opinions to this proposal.
>
>
> Thanks,
>
> Rick van Rein
> InternetWide.org
>
> -----
>
> A new version of I-D, draft-vanrein-httpauth-sasl-03.txt
> has been successfully submitted by Rick van Rein and posted to the
> IETF repository.
>
> Name:  draft-vanrein-httpauth-sasl
> Revision: 03
> Title:  HTTP Authentication with SASL
> Document date: 2020-01-20
> Group:  Individual Submission
> Pages:  12
> URL:
> https://www.ietf.org/internet-drafts/draft-vanrein-httpauth-sasl-03.txt
> Status:
> https://datatracker.ietf.org/doc/draft-vanrein-httpauth-sasl/
> Htmlized:       https://tools.ietf.org/html/draft-vanrein-httpauth-sasl-03
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-vanrein-httpauth-sasl
> Diff:
> https://www.ietf.org/rfcdiff?url2=draft-vanrein-httpauth-sasl-03
>
> Abstract:
>     Most application-level protocols standardise their authentication
>     exchanges under the SASL framework.  HTTP has taken another course,
>     and often ends up replicating the work to allow individual
>     mechanisms.  This specification adopts full SASL authentication into
>     HTTP.
>
> The IETF Secretariat
>
-- 
Ken Murchison
Cyrus Development Team
Fastmail US LLC

Received on Thursday, 23 January 2020 09:04:29 UTC