- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 25 Aug 2010 12:21:00 +1000
- To: httpbis Group <ietf-http-wg@w3.org>
After some discussion with the ADs and Editors, I'm looking at asking the IESG for a *small* charter revision, to: - Explicitly move the authentication framework from RFC2617 (as discussed) - Take some components of RFC2817 and move it to Historic (as discussed) - Update our milestones - Fix typos in the charter See below for the proposed new charter. For reference, our current charter is at <http://datatracker.ietf.org/wg/httpbis/charter/>. Comments appreciated. ---8<--- Description of Working Group HTTP is one of the most successful and widely-used protocols on the Internet today. However, its specification has several editorial issues. Additionally, after years of implementation and extension, several ambiguities have become evident, impairing interoperability and the ability to easily implement and use HTTP. The working group will refine RFC2616 to: * Incorporate errata and updates (e.g., references, IANA registries, ABNF) * Fix editorial problems which have led to misunderstandings of the specification * Clarify conformance requirements * Remove known ambiguities where they affect interoperability * Clarify existing methods of extensibility * Remove or deprecate those features that are not widely implemented and also unduly affect interoperability * Where necessary, add implementation advice * Document the security properties of HTTP and its associated mechanisms (e.g., Basic and Digest authentication, cookies, TLS) for common applications It will also incorporate the generic authentication framework from RFC 2617, without obsoleting or updating that specification's definition of the Basic and Digest schemes. Finally, it will incorporate relevant portions of RFC 2817 (in particular, the CONNECT method and advice on the use of Upgrade), so that that specification can be moved to Historic status. In doing so, it should consider: * Implementer experience * Demonstrated use of HTTP * Impact on existing implementations and deployments The Working Group must not introduce a new version of HTTP and should not add new functionality to HTTP. The WG is not tasked with producing new methods, headers, or extension mechanisms, but may introduce new protocol elements if necessary as part of revising existing functionality which has proven to be problematic. The Working Group's specification deliverables are: * A document (or set of documents) that is suitable to supersede RFC 2616 and move RFC 2817 to Historic status * A document cataloguing the security properties of HTTP Goals and Milestones Done First HTTP Revision Internet Draft Done First HTTP Security Properties Internet Draft Nov 2010 Request Last Call for HTTP Revision Nov 2010 Request Last Call for HTTP Security Properties Apr 2011 Submit HTTP Revision to IESG for consideration as a Draft Standard Apr 2011 Submit HTTP Security Properties to IESG for consideration as Informational --->8--- -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 25 August 2010 02:21:32 UTC