Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2/22/12 10:31 AM, Paul Hoffman wrote:
> The earnest calls for better authentication on this thread appear to
> ignore the fact that the very things that are being requested were
> put out of scope for the websec WG in their charter. I hope that no
> one things that a WG in the Applications Area will be better equipped
> to come up with a better authentication mechanism than one in the
> Security Area.

The WebSec WG is in the Applications Area.

> Asking the HTTPheads to guess what the securityheads might want is
> not a good way to design HTTP 2.0.

Probably not.

> Proposal: leave the httpbis WG charter as-is and re-charter the
> websec WG to consider what is needed in the HTTP authentication
> model. Later, recharter the websec WG to, you know, actually do the
> security work for authentication.

Or charter a separate WG to focus on HTTP authentication. (You might
recall that the BoF leading to formation of the WebSec WG was entitled
HASMAT = "HTTP Application Security Minus Authentication and Transport"
or somesuch.)

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]