Re: Adding user@ to HTTP[S] URIs from Michael Toomim on 2020-01-24 (ietf-http-wg@w3.org from January to March 2020)

From: Michael Toomim <toomim@gmail.com>
Date: Fri, 24 Jan 2020 15:58:50 -0800
To: Rick van Rein <rick@openfortress.nl>
Cc: "HTTPbis WG (IETF)" <ietf-http-wg@w3.org>
Message-Id: <BB50C7B7-3861-4054-AFB7-6F1C287AFEE6@gmail.com>

Hi Rick!  I find this interesting, so thank you for the proposal.

> Most protocols support users under domain names, but HTTP does not.

Well, it *does* support users within the "path" part of the URL.  For instance, here's a page I just made for you, that's scoped to my user account:

    https://invisible.college/@toomim/hello-rick

> Usage patterns in the wild do suggest a desire to have this facility.

I didn't see any example usage patterns in the internet draft.  Can you provide some of them, so that we know what we are working with?

Thank you!

Michael

> On Jan 24, 2020, at 2:59 PM, Rick van Rein <rick@openfortress.nl> wrote:
> 
> Hello,
> 
> I wrote a draft to support http://user@host.name in HTTP / HTTPS URIs.
> The user is part of resource name space selection, and is not related to
> client authentication.  It is given its own "User" header field.
> 
> I am aware that this URI form is banned in RFC 7321, Section 2.7.1, last
> paragraph, but explain in issue #278 that this is unjustified:
> http://github.com/httpwg/http-core/issues/278
> 
> 
> Feedback welcomed.
> 
> Rick van Rein
> InternetWide.org
> 
> 
> -------- Original Message --------
> Subject: New Version Notification for draft-vanrein-http-unauth-user-02.txt
> Date: Fri, 24 Jan 2020 13:54:31 -0800
> From: internet-drafts@ietf.org
> To: Rick van Rein <rick@openfortress.nl>
> 
> 
> A new version of I-D, draft-vanrein-http-unauth-user-02.txt
> has been successfully submitted by Rick van Rein and posted to the
> IETF repository.
> 
> Name:		draft-vanrein-http-unauth-user
> Revision:	02
> Title:		User Names for HTTP Resources
> Document date:	2020-01-24
> Group:		Individual Submission
> Pages:		5
> URL:
> https://www.ietf.org/internet-drafts/draft-vanrein-http-unauth-user-02.txt
> Status:
> https://datatracker.ietf.org/doc/draft-vanrein-http-unauth-user/
> Htmlized:
> https://tools.ietf.org/html/draft-vanrein-http-unauth-user-02
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-vanrein-http-unauth-user
> Diff:
> https://www.ietf.org/rfcdiff?url2=draft-vanrein-http-unauth-user-02
> 
> Abstract:
>   Most protocols support users under domain names, but HTTP does not.
>   Usage patterns in the wild do suggest a desire to have this facility.
>   This specification defines a header for user names, orthogonal to any
>   authentication or authorisation concerns.
>

Received on Friday, 24 January 2020 23:58:59 UTC