- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 07 Jun 2007 18:18:13 +0200
- To: Keith Moore <moore@cs.utk.edu>
- CC: Paul Hoffman <phoffman@imc.org>, Apps Discuss <discuss@apps.ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Keith Moore wrote: > no. deprecate 2617. deprecate the framework that is in 2616. HTTP > security needs a clean slate approach. I personally have no problem with this. In the wild, most authentication isn't using RFC2617 anyway. However, my understanding is that the IESG doesn't allow RFC2616bis not to discuss authentication in *some* manner. BTW: does the framework really require fixing? Best regards, Julian
Received on Thursday, 7 June 2007 16:18:22 UTC