Point taken. -- David Harrington Director, Transport Area Internet Engineering Task Force (IETF) Ietfdbh@xxxxxxxxxxx +1-603-828-1401 On 2/22/12 12:31 PM, "Paul Hoffman" <paul.hoffman@xxxxxxxx> wrote: >The earnest calls for better authentication on this thread appear to >ignore the fact that the very things that are being requested were put >out of scope for the websec WG in their charter. I hope that no one >things that a WG in the Applications Area will be better equipped to come >up with a better authentication mechanism than one in the Security Area. > >Asking the HTTPheads to guess what the securityheads might want is not a >good way to design HTTP 2.0. > >Proposal: leave the httpbis WG charter as-is and re-charter the websec WG >to consider what is needed in the HTTP authentication model. Later, >recharter the websec WG to, you know, actually do the security work for >authentication. > >--Paul Hoffman _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf