Re: Digest Auth (fwd)

> This group is a bit two faced. A couple weeks a go, a prominant member was
> chastising folks who might be publishing a server and calling it HTTP/1.1
> before the very stable draft is really approved by the IETF. Now we
> are complaining because one or more other software publishers chose not
> to deliver software matching a spec about which discussion had gotten
> very hot and might be expected to be an unstable implementation target.
> 
> C'mon folks we can't have it both ways!

You are missing the point.  Digest can and should have been implemented
in HTTP/1.0 as the experiment that it was -- whether or not it is stable
only affects the allocation of limited resources.  In contrast, we are
using the label "HTTP/1.1" to indicate minimum compliance to a specific
proposed standard, and you cannot indicate minimum compliance to something
which is still subject to change.  Any future change to HTTP's minimum
compliance will now require a change to the HTTP version, since that
is how the version stuff is supposed to work. My concern is that the WG
as a whole needs to understand the meaning of HTTP-version, and when
the version number should change, since that understanding is central
to the protocol's extensibility.


 ...Roy T. Fielding
    Department of Information & Computer Science    (fielding@ics.uci.edu)
    University of California, Irvine, CA 92697-3425    fax:+1(714)824-4056
    http://www.ics.uci.edu/~fielding/

Received on Thursday, 29 August 1996 14:42:44 UTC