Re: Straw-man charter for http-bis

Keith Moore <moore@cs.utk.edu> Wed, 30 May 2007 17:04 UTC

Message-ID: <465DAE5B.2070605@cs.utk.edu>
Date: Wed, 30 May 2007 13:03:23 -0400
From: Keith Moore <moore@cs.utk.edu>
To: Eliot Lear <lear@cisco.com>
Subject: Re: Straw-man charter for http-bis
References: <BA772834-227A-4C1B-9534-070C50DF05B3@mnot.net> <392C98BA-E7B8-44ED-964B-82FC48162924@mnot.net> <p06240843c2833f4d7f2f@[10.20.30.108]> <465D9142.9050506@gmx.de> <465D987F.5070906@cisco.com>
In-Reply-To: <465D987F.5070906@cisco.com>
Cc: Paul Hoffman <phoffman@imc.org>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, Apps Discuss <discuss@apps.ietf.org>

Eliot Lear wrote:
> Julian Reschke wrote:
>> For instance, RFC2617 needs a revision badly as well (for instance,
>> wrt to I18N of usernames and passwords, and, as far as I can recall,
>> certain problems with the definition of Digest Auth). IMHO; this
>> should occur in a separate working group.
>
> The HTTP auth model needs a lot of work.  Creating an update without
> addressing it seems to me pointless.

Not that I disagree, but sites that are currently using forms+ssl to do
logins aren't going to go back to a model where the browser gets to
control the UI for the username/password prompt.  So maybe what is
needed is an auth model that lets the server give credentials to the
browser, along with some advice for how to use it.  And whatever
mechanism were defined to pass these credentials around would need to be
substantially better than what can currently be done with SSL and
cookies (if that's even possible) otherwise there would be no point in
defining it.

IMHO, the first work item of httpbis should be a defect list for http
1.1 and associated documents.  The next step would be to assess which
defects could reasonably be corrected in a revision to the http document
(probably to recycle at DS).  Then the group could be rechartered to
revise the http specification and to correct other defects that could
reasonably be done by that group.  One or more additional groups could
be spun up to correct the remaining defects.