HTTPAuth BoF in Atlanta

Hi all

In Vancouver, this working group declined to adopt any of the proposed authentication schemes. 

In the coming IETF meeting, the security area is going to have a BoF with the intention of forming a working group to create a bunch of experimental RFCs for new authentication methods in HTTP.

There are quite a few proposed methods. Follow this URL to see a list:

If you are interested in this topic, we'd be happy to see you in the BoF.  One thing that I think is missing from the discussion is the UI implications of authentication at the HTTP layer. It has been suggested that UI issues are the reason for the relatively sparse deployment of HTTP layer authentication, but I don't think the current discussion has been informed by UI experts who could tell us what future authentication methods should do in terms of UI to gain meaningful deployment. If you or someone you know has such expertise and would be willing to speak at the Atlanta BoF, please contact Derek Atkins and me offline.

Yoav Nir
(with BoF chair hat on)

Received on Tuesday, 2 October 2012 12:49:53 UTC