Re: security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

* Robert Sayre wrote:
>On 10/17/06, Lisa Dusseault <> wrote:
>> Since there are so many ways to approach this, so many variations in
>> what specs are revised and how they depend upon each other, I can't
>> say whether I, or the IESG, expect a revision to RFC2616 to "step
>> into" the area covered by RFC2617.
>Perhaps we should poll the HTTP community as a start. Does anyone
>think mandatory-to-implement security mechanisms will be helpful and

Of course! Are you proposing to remove all the existing mandatory-to-
implement security mechanisms in RFC 2616 and RFC 2617?
Björn Höhrmann · ·
Weinh. Str. 22 · Telefon: +49(0)621/4309674 ·
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · 

Received on Wednesday, 18 October 2006 00:35:20 UTC