security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

On 10/17/06, Lisa Dusseault <lisa@osafoundation.org> wrote:
>
> Since there are so many ways to approach this, so many variations in
> what specs are revised and how they depend upon each other, I can't
> say whether I, or the IESG, expect a revision to RFC2616 to "step
> into" the area covered by RFC2617.

Perhaps we should poll the HTTP community as a start. Does anyone
think mandatory-to-implement security mechanisms will be helpful and
realistic?

-- 

Robert Sayre

Received on Tuesday, 17 October 2006 23:28:12 UTC