Re: Straw-man charter for http-bis
Keith Moore <moore@cs.utk.edu> Thu, 07 June 2007 22:25 UTC
Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
by megatron.ietf.org with esmtp (Exim 4.43)
id 1HwQPz-0007nK-L7; Thu, 07 Jun 2007 18:25:23 -0400
Received: from discuss by megatron.ietf.org with local (Exim 4.43)
id 1HwQPy-0007hQ-L6 for discuss-confirm+ok@megatron.ietf.org;
Thu, 07 Jun 2007 18:25:22 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
by megatron.ietf.org with esmtp (Exim 4.43) id 1HwQPy-0007cO-9m
for discuss@apps.ietf.org; Thu, 07 Jun 2007 18:25:22 -0400
Received: from shu.cs.utk.edu ([160.36.56.39])
by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HwQP7-0004hx-6W
for discuss@apps.ietf.org; Thu, 07 Jun 2007 18:24:30 -0400
Received: from localhost (localhost [127.0.0.1])
by shu.cs.utk.edu (Postfix) with ESMTP id 872D11EE187;
Thu, 7 Jun 2007 18:24:28 -0400 (EDT)
X-Virus-Scanned: by amavisd-new with ClamAV and SpamAssasin at cs.utk.edu
Received: from shu.cs.utk.edu ([127.0.0.1])
by localhost (bes.cs.utk.edu [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id qEzxrY2ttnM9; Thu, 7 Jun 2007 18:23:54 -0400 (EDT)
Received: from lust.indecency.org (user-119b1dm.biz.mindspring.com
[66.149.133.182])
by shu.cs.utk.edu (Postfix) with ESMTP id ECBEB1EE1C6;
Thu, 7 Jun 2007 18:23:41 -0400 (EDT)
Message-ID: <4668855E.7080409@cs.utk.edu>
Date: Thu, 07 Jun 2007 18:23:26 -0400
From: Keith Moore <moore@cs.utk.edu>
User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326)
MIME-Version: 1.0
To: Paul Leach <paulle@windows.microsoft.com>
Subject: Re: Straw-man charter for http-bis
References: <BA772834-227A-4C1B-9534-070C50DF05B3@mnot.net>
<392C98BA-E7B8-44ED-964B-82FC48162924@mnot.net>
<6AE049B9045C00064222693F@10.1.110.5>
<p06240871c28dd59e7371@10.20.30.108> <46682DC3.2010405@cs.utk.edu>
<p06240875c28df150f134@10.20.30.108>
<5c902b9e0706071057y5ad331acwc07439c50b08cc07@mail.gmail.com>
<76323E9F0A911944A4E9225FACFC55BA04C3D4BC@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <76323E9F0A911944A4E9225FACFC55BA04C3D4BC@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
X-Enigmail-Version: 0.95.0
OpenPGP: id=E1473978
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 93238566e09e6e262849b4f805833007
Cc: Paul Hoffman <phoffman@imc.org>, Apps Discuss <discuss@apps.ietf.org>,
Justin Erenkrantz <justin@erenkrantz.com>, ietf-http-wg@w3.org
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols
<discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>,
<mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>,
<mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org
1. "A Proposed Standard should have no known technical omissions with respect to the requirements placed upon it." 2. Draft and full Standard documents must also meet the requirements for Proposed Standard. 3. "Security" is generally accepted as a requirement for all Internet standards-track protocols, but this is rather vague as the meaning of "security" varies from one protocol and use case to another. In the case of HTTP there is clearly a need for clients to be able to authenticate to servers, servers to be authenticate to clients, and for there to be a means to assure the secrecy of data passed between servers and clients. > For a long time, the IESG has required that all new protocols have a > "security considerations" section. I have not heard that that has > changed to a more stringent mandate. For many protocols, including > HTTP, that section would have to show that they are securable. > However, in addition, IMO it is obvious that for HTTP, that section > also says that anonymous clients and unauthenticated servers are OK > in many circumstances, and here are the mechanisms that can be used > when it isn't OK.
- Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Mark Nottingham
- RE: Straw-man charter for http-bis Larry Masinter
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis -- call for er… Mark Nottingham
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis -- call for er… Julian Reschke
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis -- call for er… Julian Reschke
- Re: Straw-man charter for http-bis -- call for er… Cyrus Daboo
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis -- call for er… Cyrus Daboo
- Re: Straw-man charter for http-bis Alexey Melnikov
- Re: Straw-man charter for http-bis Alexey Melnikov
- Re: Straw-man charter for http-bis Yves Lafon
- Re: Straw-man charter for http-bis -- call for er… Robert Sayre
- Re: Straw-man charter for http-bis Robert Sayre
- Re: Straw-man charter for http-bis -- call for er… Robert Sayre
- Re: Straw-man charter for http-bis -- call for er… Robert Sayre
- Re: Straw-man charter for http-bis Roy T. Fielding
- Re: Straw-man charter for http-bis -- call for er… Henrik Nordstrom
- Re: Straw-man charter for http-bis -- call for er… Henrik Nordstrom
- Re: Straw-man charter for http-bis Robert Sayre
- Re: Straw-man charter for http-bis -- call for er… Robert Sayre
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Mark Nottingham
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Robert Sayre
- RE: Straw-man charter for http-bis -- call for er… Henrik Nordstrom
- Re: Straw-man charter for http-bis Henrik Nordstrom
- Re: Straw-man charter for http-bis Roy T. Fielding
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis John C Klensin
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Robert Sayre
- Re: Straw-man charter for http-bis Chris Newman
- Re: Straw-man charter for http-bis Julian Reschke
- Re: Straw-man charter for http-bis Alexey Melnikov
- Re: Straw-man charter for http-bis Paul Hoffman
- RFC2616 vs RFC2617, was: Straw-man charter for ht… Julian Reschke
- Re: Straw-man charter for http-bis Keith Moore
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Keith Moore
- Re: Straw-man charter for http-bis Julian Reschke
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Julian Reschke
- Re: Straw-man charter for http-bis Paul Hoffman
- Re: Straw-man charter for http-bis Eliot Lear
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Lisa Dusseault
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Stephane Bortzmeyer
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Joe Orton
- Re: Straw-man charter for http-bis Henrik Nordstrom
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… lists
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… lists
- Re: Straw-man charter for http-bis Eliot Lear
- Re: Straw-man charter for http-bis Chris Newman
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Chris Newman
- Re: Straw-man charter for http-bis Henrik Nordstrom
- Re: Straw-man charter for http-bis Lisa Dusseault
- Re: Straw-man charter for http-bis Martin Duerst
- Re: Straw-man charter for http-bis Henrik Nordstrom
- Re: Straw-man charter for http-bis Keith Moore
- Re: Straw-man charter for http-bis Julian Reschke
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Mark Nottingham
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Stephane Bortzmeyer
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Adrien de Croy
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Stephane Bortzmeyer
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… tom.petch
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Keith Moore
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… tom.petch
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Keith Moore
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Mark Nottingham
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Adrien de Croy
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… Chris Newman
- Re: Straw-man charter for http-bis Chris Newman
- Re: Straw-man charter for http-bis Henrik Nordstrom
- Re: Straw-man charter for http-bis der Mouse
- Re: Straw-man charter for http-bis Keith Moore
- Re: RFC2616 vs RFC2617, was: Straw-man charter fo… tom.petch
- Re: Straw-man charter for http-bis Mark Nottingham
- Character encodings in headers [i74][was: Straw-m… Mark Nottingham
- Re: Character encodings in headers [i74][was: Str… Keith Moore
- Re: Character encodings in headers [i74][was: Str… John C Klensin
- Re: Character encodings in headers [i74][was: Str… Clive D.W. Feather
- Re: Character encodings in headers [i74][was: Str… Martin Duerst
- Re: Character encodings in headers [i74][was: Str… Martin Duerst
- Re: Character encodings in headers [i74][was: Str… Mark Nottingham
- Re: Character encodings in headers [i74][was: Str… Martin Duerst
- Re: Character encodings in headers [i74][was: Str… Mark Nottingham
- Re: Character encodings in headers [i74][was: Str… Clive D.W. Feather
- Re: Character encodings in headers [i74][was: Str… Clive D.W. Feather
- Re: Character encodings in headers [i74][was: Str… Keith Moore
- Re: Character encodings in headers [i74][was: Str… der Mouse
- Re: Character encodings in headers [i74][was: Str… Keith Moore
- Re: Character encodings in headers [i74][was: Str… Stefanos Harhalakis
- Re: Character encodings in headers [i74][was: Str… Keith Moore