- From: Cyrus Daboo <cyrus@daboo.name>
- Date: Tue, 28 Sep 2010 11:37:30 -0400
- To: Julian Reschke <julian.reschke@gmx.de>
- cc: HTTP Working Group <ietf-http-wg@w3.org>
Hi Julian, --On September 28, 2010 5:32:28 PM +0200 Julian Reschke <julian.reschke@gmx.de> wrote: >> SASL has an auth scheme registry >> (<http://www.iana.org/assignments/sasl-mechanisms>). We can probably >> model ours after that (possibly adjusting if there are known problems >> with the SASL one). One thing the SASL registry has is the "Usage" > > You mean: > > Intended usage: (One of COMMON, LIMITED USE, or OBSOLETE) > > ? I can see that this might be useful, but in that case we should > consider that for all of our registries... Sure. >> column which I think we definitely should adopt. Also, the possibility >> of registering a "family" of schemes through use of a wildcard >> indicator, e.g. "GS2-*" used in SASL. > > I'm not convinced this is needed; after all, we haven't had a registry up > until now. > > SASL has a different registration requirements for single names and > family of names; when you register a family of names you essentially > delegate a part of the space of names to another spec -- do we really > want that? Take a look at <http://tools.ietf.org/id/draft-johansson-http-gss-05.txt> which actually tried to define an HTTP auth registry. Whilst that has expired, I think there still might be interest in pursuing it. -- Cyrus Daboo
Received on Tuesday, 28 September 2010 15:38:10 UTC