Re: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed Standard

> >The IESG has received a request from the Transport Layer Security
> >Working Group to consider Upgrading to TLS Within HTTP/1.1
> ><draft-ietf-tls-http-upgrade-02.txt> as a Proposed Standard.

> >To: iesg@ietf.org, IETF-Announce:;
> >From: Harald Tveit Alvestrand <Harald@Alvestrand.no>
> >Subject: Re: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed
> >   Standard
[...]
>IANA considerations section for upgrade tokens is not thought through.
>At the least, the registrant should be allowed to change the contact
details
>for a registration, so the statement
>
>  > 1. The registration for a given token MUST NOT be changed once
registered.
>
>is obviously not what's desired.
>
>I'd suggest the following rules:
>
>1. A token, once registered, stays registered forever.
>2. The registration MUST name a responsible party for the registration.
>3. The registration MUST name a point of contact.
>4. The registration MAY name the documentation required for the token.
>5. The responsible party MAY change the registration at any time. The
>     IANA will keep a record of all such changes, and make them
available
>     upon request.
>6. The responsible party for the first registration of a "product"
token
>     MUST approve later registrations of a "version" token together
with that
>     "product" token before they can be registered.
>7. If absolutely required, the IESG MAY reassign the responsibility for
>     a token. This will normally only be used in the case when a
responsible
>     party cannot be contacted.
>
>A lot more words, but I think it's more workable.

An excellent formulation.  The authors will gratefully accept this as a
friendly amendment if the IESG concurs.

--
Scott Lawrence           Director of R & D        <lawrence@agranat.com>
Agranat Systems, Inc.  Embedded Web Technology   http://www.agranat.com/

Received on Wednesday, 22 September 1999 10:32:27 UTC