- From: Alexey Melnikov <alexey.melnikov@isode.com>
- Date: Fri, 25 Mar 2011 15:39:09 +0100
- To: Cyrus Daboo <cyrus@daboo.name>
- CC: Eran Hammer-Lahav <eran@hueniverse.com>, Mark Nottingham <mnot@mnot.net>, "Thomson, Martin" <Martin.Thomson@commscope.com>, Bill Burke <bburke@redhat.com>, HTTP Working Group <ietf-http-wg@w3.org>
Cyrus Daboo wrote: > Hi Eran, > > --On March 23, 2011 11:47:45 PM -0700 Eran Hammer-Lahav > <eran@hueniverse.com> wrote: > >> No matter what the use cases are, most signature algorithm requiring >> complex canonicalization of data have failed the test of widespread >> adoption, so before we produce yet another such solutions, we should >> figure out if this complexity adds real value. > > Please take a look at DKIM which does this for email (and reasonably > well by most accounts). In fact my preference here is to use DKIM for > HTTP as well. Whilst DKIM is currently used for email it was designed > to be generally applicable to similar protocols - in fact we are > planning on using it for iTIP-over-HTTP (iSchedule: > <http://tools.ietf.org/id/draft-desruisseaux-ischedule-01.txt>). It > would be good to be able to utilize the existing infrastructure and > experience from DKIM in HTTP. +1. Dave Crocker is going to make a presentation on a more generalized DKIM in the Apps Area on Monday, March 28th.
Received on Friday, 25 March 2011 14:41:34 UTC