- From: Robert Sayre <sayrer@gmail.com>
- Date: Fri, 20 Oct 2006 14:12:24 -0400
- To: "Paul Leach" <paulle@windows.microsoft.com>
- Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
On 10/20/06, Paul Leach <paulle@windows.microsoft.com> wrote: > IMO, the biggest threat is that vendors ship implementations that simply > _can't_ be configured to interoperate. > Right, that's the conventional wisdom. Experience with HTTP shows that server deployments drive clients to support as many HTTP security mechanisms as they can. Undocumented mechanisms have been a problem. HTTP security now takes place via forms, cookies, redirects, and rubber bands. I think the IETF should create a bunch of new mechanisms and see which one wins. Maybe there will be something to require in 2010. > I don't see any technical solution. Right. -- Robert Sayre
Received on Friday, 20 October 2006 18:12:39 UTC