Re: HTTP Signatures draft published at IETF from Melvin Carvalho on 2013-05-14 (public-webpayments@w3.org from May 2013)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 14 May 2013 11:58:13 +0200
To: Mark Nottingham <mnot@mnot.net>
Cc: ☮ elf Pavlik ☮ <perpetual-tripper@wwelves.org>, public-webpayments <public-webpayments@w3.org>, Kingsley Idehen <kidehen@openlinksw.com>, Blaine Cook <romeda@gmail.com>
Message-ID: <CAKaEYhKHhxJoJdJ+j7YLOMWJs1NFBsQOpOW7jxPZ8KYh=ha0kw@mail.gmail.com>

On 14 May 2013 11:37, Mark Nottingham <mnot@mnot.net> wrote:

>
> On 14/05/2013, at 6:49 PM, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
>
> > I dont think the RFC prohibits using an http identity in this field,
> unless I am mistaken.
>
> You're mistaken; look at the ABNF.
>

OK thanks, got it, that makes sense.

Im unsure of the full history of "from" being tied to an email string.  But
is there any more fundamental objection to reuse *other* than backward
compatibility?

I hope it is possible to see the motivation behind wanting to use HTTP a
natural identity on the web.  Indeed in the recent years HTTP identifiers
as identity have had significant adoption, facebook been an obvious
example, though not the only one.

What do you think would be a natural field to identify a user, if "from" is
not to be used.

Would "User" make sense as "User-Agent" is already defined?

>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>
>

Received on Tuesday, 14 May 2013 09:58:51 UTC