- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 28 Jul 2010 14:39:08 +0200
- To: Mark Nottingham <mnot@mnot.net>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Hi, we discussed the issue of absorbing more of RFC 2617 (everything excpet the actual schemes) during our meeting: > 4. RFC2617 > mnot: part7 is the http auth framework, the meat of auth (basic and digest) is in 2617 > issues like i18n auth scheme registry might be addressed > a path could be to have basic and digest in one or two drafts, framework in p7 > Alexey: seems to be the right thing to do, having the framework in p7 is fine, other two documents will need a recharter > mnot: no changes needed as a first step to produce new documents, only i18n will require changes > Alexey: reopening digest could be controversial > <Barry Leiba> Cyrus: I don't see that draft-ietf-vwrap-type-system <http://tools.ietf.org/wg/vwrap/draft-ietf-vwrap-type-system/> has any ref to RFC 2617. Checking whether I got the right doc when you said that. > <Barry Leiba> Never mind... 2817, not 2617. > mnot: if the recharter says that only editorial changes are made, it could help. > Cyrus: not sure IESG will accept Digest as-is > Alexey: moving to historic might help. If somebody want to reopen Basic and Digest, it would be better if it was in a WG > Cyrus: Mutual Auth is there as an example of new auth > mnot: we are not a security-related WG > <roy.fielding> How about defining a registry for auth schemes? > Alexey: that is a good idea (in response to Roy's comment) It appears there was agreement that we should remove the missing bits of the framework into Part 7, so I have opened ticket 237 (<http://trac.tools.ietf.org/wg/httpbis/trac/ticket/237>) to track the work on this. For now I see (besides boilerplate and acks changes): - Section 1.2 (the actual framework), and - selected pieces of Section 4 (security considerations) Feedback appreciated, Julian
Received on Wednesday, 28 July 2010 12:39:45 UTC