Sam Hartman wrote:
> I think both 2818 and 4346 contain important details and need to be
> normative.

That makes sense to me. However, I initially thought the references had
been mistakenly switched around.

From the draft:

   At a minimum, client and server implementations MUST be capable of
   being configured to use HTTP Basic Authentication [RFC2617] in
   conjunction with a TLS connection as specified by [RFC2818]. See
   [RFC4346] for more information on TLS.

This text is actively misleading, because it suggests RFC 4346 is
included for informational purposes. The text should read:

   "At a minimum, client and server implementations MUST be capable of
   being configured to use HTTP Basic Authentication [RFC2617] in
   conjunction with a TLS connection as specified by [RFC2818] and
   [RFC4346]."

- Rob