- From: Chris Newman <chris@innosoft.com>
- Date: Tue, 09 Feb 1999 12:28:09 -0800 (PST)
- To: Mike Spreitzer <spreitze@parc.xerox.com>
- Cc: ietf-http-ng@w3.org, discuss@apps.ietf.org
On Tue, 9 Feb 1999, Mike Spreitzer wrote: > At the HTTP-NG BOF at IETF-43 it was agreed to proceed chartering a WG > to work on a muxing protocol. This protocol addresses a subset of the > problems outlined for APPLCORE. As I've said before, I think the right > approach for APPLCORE (and HTTP-NG as well) is to produce very modular > specifications. In particular, the two communities should get together > on the problems addressed by the mux protocol. I've been working on a > charter for a mux WG, with discussion on the ietf-http-ng@w3.org mailing > list (to join, see HTTP-NG home page at > http://www.w3.org/Protocols/HTTP-NG/). I've just posted a new mux WG > charter draft, at > > <http://www.w3.org/Protocols/HTTP-NG/1999/02/mux-Charter-209.html> I'm concerned about the idea of the IETF designing a protocol which completely punts on security issues. If this is a protocol with a port number, then it needs to explain how security is activated for that port. If it's just a layer, then it needs to explain how it's integrated into lower-level security services or explain the consequences of security attacks if a higher-level security service is used. Security tends to pervade all layers of all stacks in a truly secure system, so I'm dubious it can be punted as this charter proposes. I'm also uncomfortable with the idea of replicating all the flow-control machinery of TCP in a layer above it. The consequences of doing so should be documented and justified. - Chris
Received on Tuesday, 9 February 1999 15:29:23 UTC