IETF Logo Mail Archive

[http-auth] WGLC for draft-ietf-httpauth-hoba-04

Yoav Nir <ynir.ietf@gmail.com> Mon, 22 September 2014 05:55 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A8751A1A2A for <http-auth@ietfa.amsl.com>; Sun, 21 Sep 2014 22:55:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Level:
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gdvz0BNxeSne for <http-auth@ietfa.amsl.com>; Sun, 21 Sep 2014 22:55:57 -0700 (PDT)
Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 22AC21A1A28 for <http-auth@ietf.org>; Sun, 21 Sep 2014 22:55:56 -0700 (PDT)
Received: by mail-wi0-f173.google.com with SMTP id r20so2212746wiv.12 for <http-auth@ietf.org>; Sun, 21 Sep 2014 22:55:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:subject:message-id:date:to:mime-version; bh=IrgfZM6GbOBPQ+hZoUwojyYQyluAJ3NMA7tlJWK6khs=; b=EWaLgw85Ho7Sy+Gh05WY0cfhgUEWn/5Ke70Xt58B+1XhJqx8fH3FmFWiKh34fEE4cD Yj5UzQDvxuPi971YP7sGHFaJfs8Iib4B/EjWrays2pCYFenFbRoCmV5V7RbQqpcVkg6K 4nBbklzAB++rOKRvqBWRaMGXHF3/ln5iA4LRT35QPFPFPOggn2M9Jc21clCpb+TPGgkx QXgObdc+ac0YBTcizf+vStATZ2EQMlD2wCfz5SQ8/reI3/thAkz07MVmaTg+VcgnbC3q 5Bak8iGl+trjgOHs3az2qlbYXy4BwGKkeUN/IysTY5QySwKbsm45A2BPPOt2dLakdmNn aUiw==
X-Received: by 10.194.237.2 with SMTP id uy2mr710265wjc.89.1411365355713; Sun, 21 Sep 2014 22:55:55 -0700 (PDT)
Received: from [10.4.36.239] ([80.179.9.7]) by mx.google.com with ESMTPSA id u10sm10873295wix.2.2014.09.21.22.55.43 for <http-auth@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 21 Sep 2014 22:55:55 -0700 (PDT)
From: Yoav Nir <ynir.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_E2048353-FEAF-4496-8A47-934201F3BA9F"
Message-Id: <8A2A44BA-D6DC-4588-A456-0796208F4BBD@gmail.com>
Date: Mon, 22 Sep 2014 08:48:58 +0300
To: IETF HTTP Auth <http-auth@ietf.org>
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/http-auth/3B6SxPqTEQ6KadDvXMDmqQhZEiQ
Subject: [http-auth] WGLC for draft-ietf-httpauth-hoba-04
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Sep 2014 05:55:59 -0000

Hi all

Stephen, Paul, and Michael submitted version -04 about a month ago, and it has received no discussion so far.  The authors are of the opinion that the document is ready for publication, and it’s time for the group to weigh in on this subject.

This mail begins working group last call for this document. Please take the time to read the draft and send comments to the list about its security, applicability, usefulness, and any other aspect you wish to discuss. For guidance on what to look for, let me quote the following from our charter:
  The httpauth WG will be a short-lived working group that will document
  a small number of HTTP user authentication schemes that might offer
  security benefits, and that could, following experimentation, be
  widely adopted as standards-track schemes for HTTP user
  authentication. Each of these RFCs will be Informational or
  Experimental, and should include a description of when use of its
  mechanism is appropriate, via a use-case or other distinguishing
  characteristics. 
The WGLC is two weeks long, and ends on October 6th. Please send your reviews as replies to this message.

Thanks,

Yoav & Matt

v2.37.1 | Report a Bug | By Email | System Status