- From: Paul Hoffman <phoffman@imc.org>
- Date: Wed, 30 May 2007 08:33:27 -0700
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, Apps Discuss <discuss@apps.ietf.org>
At 4:59 PM +0200 5/30/07, Julian Reschke wrote:
>I guess the idea was that the more we restrict the scope of what we
>want to do, the easier it'll be to gather the right group of people
>to do it.
Fully agree.
>For instance, RFC2617 needs a revision badly as well (for instance,
>wrt to I18N of usernames and passwords, and, as far as I can recall,
>certain problems with the definition of Digest Auth). IMHO; this
>should occur in a separate working group.
The proposed charter has:
* Document the security properties of HTTP and its associated
mechanisms (e.g., Basic and Digest authentication, cookies, TLS)
for common applications
So, would obviously-needed changes to the associated mechanisms be in
scope for the WG, or not?
>Are there any specific extensions you have in mind?
Definitely not. I was asking whether or not we want to clamp down on
charter creep now or later.
Received on Wednesday, 30 May 2007 15:33:49 UTC