Re: [Ietf-http-auth] Next step on web phishing draft (draft-hartman-webauth-phishing-05.txt)
Eric Rescorla <ekr@networkresonance.com> Mon, 10 September 2007 15:47 UTC
Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IUlU5-00075B-Sw; Mon, 10 Sep 2007 11:47:33 -0400
Received: from discuss by megatron.ietf.org with local (Exim 4.43) id 1IU7MW-0003jt-Pl for discuss-confirm+ok@megatron.ietf.org; Sat, 08 Sep 2007 16:57:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IU7MW-0003jk-FH for discuss@apps.ietf.org; Sat, 08 Sep 2007 16:57:04 -0400
Received: from [74.95.2.169] (helo=delta.rtfm.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IU7MV-0002p3-6H for discuss@apps.ietf.org; Sat, 08 Sep 2007 16:57:04 -0400
Received: from delta.rtfm.com (localhost.rtfm.com [127.0.0.1]) by delta.rtfm.com (Postfix) with ESMTP id 82EC933C39; Sat, 8 Sep 2007 13:53:37 -0700 (PDT)
Date: Sat, 08 Sep 2007 13:53:36 -0700
From: Eric Rescorla <ekr@networkresonance.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Subject: Re: [Ietf-http-auth] Next step on web phishing draft (draft-hartman-webauth-phishing-05.txt)
In-Reply-To: <46E2E54A.2050406@isode.com> <86bqcc3nkk.wl%ekr@networkresonance.com>
References: <46E2E54A.2050406@isode.com>
User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20070908205337.82EC933C39@delta.rtfm.com>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d
X-Mailman-Approved-At: Mon, 10 Sep 2007 11:47:32 -0400
Cc: ietf-http-auth@osafoundation.org, discuss@apps.ietf.org, saag@mit.edu, ietf@ietf.org, ietf-http-wg@w3.org
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org
Alexey wrote: > This message is trying to summarize recent discussions on > draft-hartman-webauth-phishing-05.txt. > > Several people voiced their support for the document (on IETF mailing > list and in various other off-list discussions). Ekr doesn't think that > the document should be published in the current form and he has some > good technical points that need to be addressed. At least one more > revision is needed to addressed recent comments from Ekr and SecDir review. > > It is quite clear that some people got confused about intended status of > this document and whether it represents IETF consensus. Sam has > clarified what was his intention, but another consensus call is needed > to make sure people agree with Sam. > > Subsequent discussions and consensus calls on the document would happen > on <ietf-http-auth@osafoundation.org>. > > Alexey, > in my capacity of shepherd for draft-hartman-webauth-phishing I object to this procedure. This document has already had an IETF Last Call, where it failed to achieve consensus. At this point, it doesn't need additional last calls to "make sure that people agree with Sam", but rather to go back to the authors to try to build support in the community. Not liking the result of the previous Last Call is not a sufficient basis for issuing another one. At some point in the future, it may be appropriate to issue another consensus call, but since this is not a WG mailing list--indeed, the IESG has twice declined to charter a WG in this area--nor are you the chair, it doesn't seem to me that you have standing to do that. When that time comes, I would expect the IESG to designate an appropriate time and place. -Ekr
- Next step on web phishing draft (draft-hartman-we… Alexey Melnikov
- Re: [Ietf-http-auth] Next step on web phishing dr… Alexey Melnikov
- Re: [saag] Next step on web phishing draft (draft… der Mouse
- Re: [Ietf-http-auth] Next step on web phishing dr… Eric Rescorla
- Re: Next step on web phishing draft (draft-hartma… Bill Manning
- RE: Next step on web phishing draft(draft-hartman… Hallam-Baker, Phillip
- Re: Next step on web phishing draft (draft-hartma… Iljitsch van Beijnum
- Re: Next step on web phishing draft (draft-hartma… Iljitsch van Beijnum
- Re: [saag] Next step on web phishing draft(draft-… tom.petch
- RE: [Ietf-http-auth] Next step on web phishing dr… Paul Leach
- Re: [saag] [Ietf-http-auth] Next step on web phis… Jeffrey Hutzelman
- RE: Next step on web phishing draft(draft-hartman… Debbie Garside
- RE: Next step on web phishing draft(draft-hartman… Ned Freed
- Re: Next step on web phishing draft(draft-hartman… Keith Moore
- Re: Next step on web phishing draft(draft-hartman… Keith Moore
- RE: Next step on web phishingdraft(draft-hartman-… Debbie Garside
- Re: Next step on web phishingdraft(draft-hartman-… Keith Moore
- Re: [saag] [Ietf-http-auth] Next step on web phis… Shumon Huque
- Required doc sections (Re: [saag] Next step on we… Nicolas Williams