Re: The 's' in https: more trouble than it's worth? [metadataInURI-31]

Dan Connolly wrote:

> On Sun, 2006-03-19 at 20:57 -0800, Roy T. Fielding wrote:
> [...]
> > > There was some argument that http: is enough, combined with...
> > >
> > >   Upgrading to TLS Within HTTP/1.1 Khare and Lawrence May 2000
> > >
> > 
> > Well, whoever argued that is flat out wrong and should read the HTTP
> > archives.
> How about we save them the trouble; i.e. excerpt the argument from
> the archives and include it in the metadataInURI-31 finding?

Good idea.  I've added it to my "to do" list for the finding.

> I'm not sure where to start looking.
> Bonus points to anybody who beats me to it.

Indeed.  Please ask Dan for bonus points when you beat him to it.  I would 
certainly welcome the help!

But then Dan wrote:

> I see that Noah concludes Roadmap with a nice short 4-point list.

> Maybe the case of https should be treated in a separate document.

Thanks for the implied compliment on the list.  I'll carry the "s" 
business as something to consider including. I'll probably try and draft 
something, and if I feel it adds more than it detracts I'll leave it in 
for discussion.  Otherwise, I'll indicate that I recommend the "separate 
document if at all" approach.  Thanks.

Noah Mendelsohn 
IBM Corporation
One Rogers Street
Cambridge, MA 02142

Received on Tuesday, 4 April 2006 20:51:19 UTC