Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



lör 2012-02-25 klockan 14:13 +0000 skrev Stephen Farrell:

> I don't agree with you there - the perceived low probability that
> something will be deployed is a real disincentive here. We have had
> people wanting to do work on this and have been told there's no point
> because it won't get adopted.

I do not agree that getting new auth schemes deployed if they do make
sense is such big problem in the longer scope.

We have already had two new auth schemes deployed within HTTP/1.1 during
the lifetime of HTTP/1.1 and which is in wide scale use today across
numerous different implementations. And these doesn't even followin HTTP
semantics...

A beauty of HTTP auth model here is that it can downgrade nicely,
allowing old clients to continue working only not gaining the benefits
of the new auth model. But that obviously have security implications as
well if newer user-agents can be fooled into downgrading.

Regards
Henrik

_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]