- From: Paul Hoffman <paul.hoffman@vpnc.org>
- Date: Thu, 1 Mar 2012 11:08:01 -0800
- To: Nick Hilliard <nick@inex.ie>
- Cc: Peter Saint-Andre <stpeter@stpeter.im>, mnot@mnot.net, IETF discussion list <ietf@ietf.org>, iesg@ietf.org, ietf-http-wg@w3.org
On Mar 1, 2012, at 10:01 AM, Nick Hilliard wrote: > Can I suggest you also include authorization capabilities as a core > component of this. It's not much use to have people able to authenticate > themselves to a system if that system doesn't also provide a framework for > allowing the server-side application decide what they can or cannot do. This is a request for an HTTP capability that is significantly different than what has been proposed before, and has not been one of the items that caused problems in HTTP 1.x. I suggest that this not be part of the charter for httpbis until it can be shown to be a significant need, not just a new idea. --Paul Hoffman
Received on Thursday, 1 March 2012 19:08:43 UTC