Re: REAUTHENTICATION REQUIRED

Folks, pleass avoid messages like the following exerpt!

>  I have to say that this is all starting to sound like something we
>  aren't allowed to do while trying to move HTTP/1.1 from Proposed to
>  Draft Standard.  As much as the lack of a procedure for invalidating a
>  client's credentials has hurt my company's products (quite a bit!), we
>  would nonetheless be opposed to any change that would prevent the rapid
>  advancement of HTTP/1.1 to Draft Standard.
>  

Larry has said it before, and I'll say it again:

Let Larry and myself worry about the process problems: focus on the
right technical solution to the problem....  Both he and I are much
more up on IETF process than most of the working group.

There is almost always a way of skinning the cat; for example, rather than 
holding up the base HTTP/1.1 document, one can issue an independent document 
for the functionality enhancement, and move it to proposed standard when 
the base HTTP/1.1 spec goes to draft.  If we believe an issue doesn't
meet the criteria required for draft, we can generally split it off into
an independent document.  I'll make this call in concert with Larry
and the Area directors.

We don't want someone's (very often incorrect) understanding of process
to close off discussions of the right way to solve an issue.  Ergo
my quick reaction to this paragraph.

The basic point of IETF process is to try to ensure interoperability (and
therefore backward compatibility).  You can usually get what you want done
one way or the other without much of a problem.  It might (or might not)
require a separate document).  So don't sweat the process stuff or let
it cause you to lose sleep on potential solutions.

You should, however, worry HARD about installed base and interoperability. 
If solutions to issues don't meet those realities, then life gets much harder.  
This is the reality of the Internet process (and commercial products).....

				- Jim Gettys

Received on Tuesday, 25 November 1997 14:55:34 UTC