Re: RFC2616 vs RFC2617, was: Straw-man charter for http-bis from Henrik Nordstrom on 2007-06-07 (ietf-http-wg@w3.org from April to June 2007)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Thu, 07 Jun 2007 23:26:57 +0200
To: Julian Reschke <julian.reschke@gmx.de>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-Id: <1181251617.24162.116.camel@henriknordstrom.net>

tor 2007-06-07 klockan 18:18 +0200 skrev Julian Reschke:

> BTW: does the framework really require fixing?

Not really imho. It's an extensible negotiable framework for message
based authentication with no dependencies on how such authentication is
implemented besides it being message based to fit in the message
structure of HTTP.

But it might need to be complemented with a framework for message
integrity however. Digest touches this, but not sure having message
integrity at the authentication level is right..

Received on Thursday, 7 June 2007 21:27:05 UTC