W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2020

Re: Internet Draft: HTTP += SASL

From: Rick van Rein <rick@openfortress.nl>
Date: Thu, 23 Jan 2020 12:18:50 +0100
Message-ID: <5E29811A.3080808@openfortress.nl>
To: Ken Murchison <murch@fastmail.com>
CC: ietf-http-wg@w3.org, "Henri Manson (ARPA2)" <henri.manson@arpa2.org>
Hallo Ken,

>> FYI.  Are you aware of the previous effort in this area
>> https://tools.ietf.org/html/draft-nystrom-http-sasl-12

>From the document history in the datatracker, as well as the last draft,
there was interest in improving on the last draft, but it never seems to
have concluded.

AFAIK our new proposal improves on the raised points,

Scalability:

 - stateless server side (server state passes via the client)
 - distribution of a sequence of connections is no problem

Security:

 - no fixation on DIGEST-MD5 (compatibility pulls down security)
 - support for channel binding without fixating protocol layering


Cheers,
 -Rick
Received on Thursday, 23 January 2020 11:19:32 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 23 January 2020 11:19:33 UTC