- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 20 Oct 2006 10:03:15 +0200
- To: Robert Sayre <sayrer@gmail.com>
- CC: Larry Masinter <masinter@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Robert Sayre schrieb: > ... > I think anyone entertaining an HTTP revision is a fool to do so > without a clear statement on security requirements. The last upgrade > HTTP security received was SSL, courtesy of Netscape Communications. > ... Well, as Roy pointed out, a revision of HTTP/1.1 must not break implementations that comply to RFC2616. As RFC2616 doesn't have MTI security, this is it. If the IESG doesn't allow a bug-fix revision of a standards track document for the reasons above, it really should stick to it's own rules (RFC2026), declare that spec as "historic", and - should the spec be of any importance - start an activity to define a successor specification. In general, the whole issue revising an IETF spec IMHO is very problematic; compare that with the W3C which has failed with XML 1.1, but at least maintains XML 1.0 properly (4th edition published in August). Best regards, Julian
Received on Friday, 20 October 2006 08:03:20 UTC