- From: Yoav Weiss <yoav@yoav.ws>
- Date: Tue, 7 Jul 2020 09:57:43 +0200
- To: Mark Nottingham <mnot@mnot.net>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, http-grease@ietf.org
- Message-ID: <CACj=BEg-Fxdt1vC7sE--w24Sct6AFSX92+wWYHyv1eHNHLc7Lg@mail.gmail.com>
Thanks for starting the conversation!! On Tue, Jul 7, 2020 at 3:31 AM Mark Nottingham <mnot@mnot.net> wrote: > Hi folks, > > There's been a background discussion about HTTP and ossification going on > for a little while, as some vendors have encountered situations where they > can't easily deploy new extensions. > > To work through this, we're trying to engage with the Web Application > Firewall (WAF) and similar communities to start a discussion around how we > can mitigate the risks here while still allowing them to do what they're > designed to do. > > I've written (with some help from others) a background document to > attempt an explanation of the core issues in an 'open letter' style; see: > > https://docs.google.com/document/d/131eTq1eAdjUWGXV8JtF6o842rOod2l7K4NajwDdf-l0/edit?usp=sharing > > That links to two Internet-Drafts of interest: > - https://tools.ietf.org/html/draft-bishop-httpbis-grease > - https://mnot.github.io/I-D/http-grease/ > > We've also created a mailing list for discussion of these issues, to try > to get more engagement from the WAF community. See: > https://www.ietf.org/mailman/listinfo/http-grease > > If you're interested in these issues, please subscribe to that list. If > you know any WAF vendors or related folks, please forward this to them; > we'd love to bring them into the discussion. > > Thanks, > > -- > Mark Nottingham https://www.mnot.net/ > > >
Received on Tuesday, 7 July 2020 07:58:15 UTC