Re: Straw-man charter for http-bis

Eliot Lear <lear@cisco.com> Thu, 07 June 2007 18:52 UTC

Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HwN6F-0007At-ON; Thu, 07 Jun 2007 14:52:47 -0400
Received: from discuss by megatron.ietf.org with local (Exim 4.43) id 1HwN6E-0007Aj-8W for discuss-confirm+ok@megatron.ietf.org; Thu, 07 Jun 2007 14:52:46 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HwN6D-0007Ab-Uz for discuss@apps.ietf.org; Thu, 07 Jun 2007 14:52:45 -0400
Received: from ams-iport-1.cisco.com ([144.254.224.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HwN6C-00076c-L0 for discuss@apps.ietf.org; Thu, 07 Jun 2007 14:52:45 -0400
Received: from ams-dkim-2.cisco.com ([144.254.224.139]) by ams-iport-1.cisco.com with ESMTP; 07 Jun 2007 20:52:42 +0200
Received: from ams-core-1.cisco.com (ams-core-1.cisco.com [144.254.224.150]) by ams-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l57Iqfkt016345; Thu, 7 Jun 2007 20:52:41 +0200
Received: from elear-mac.local (ams3-vpn-dhcp4229.cisco.com [10.61.80.132]) by ams-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l57IqbDR001532; Thu, 7 Jun 2007 18:52:40 GMT
Message-ID: <466853F5.6030609@cisco.com>
Date: Thu, 07 Jun 2007 19:52:37 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326)
MIME-Version: 1.0
To: Paul Hoffman <phoffman@imc.org>
Subject: Re: Straw-man charter for http-bis
References: <BA772834-227A-4C1B-9534-070C50DF05B3@mnot.net> <392C98BA-E7B8-44ED-964B-82FC48162924@mnot.net> <6AE049B9045C00064222693F@[10.1.110.5]> <p06240871c28dd59e7371@[10.20.30.108]>
In-Reply-To: <p06240871c28dd59e7371@[10.20.30.108]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1082; t=1181242361; x=1182106361; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=lear@cisco.com; z=From:=20Eliot=20Lear=20<lear@cisco.com> |Subject:=20Re=3A=20Straw-man=20charter=20for=20http-bis |Sender:=20; bh=lbcZL9rfb5bnfvAxnJPJDcGRrnMDkQ5W3xDTFV2UnJU=; b=RXqKen90QMBINAxq6pGuAQ9cZIOu+bI6ZZylgQM6qSdDAxQxxMBGIl1/nwvRU3LDc70b8epo 7NDkyx41KsZo8+UjnBXEZe9h7En2C8wjxcFxOnrhxwkUHMQBuXwq13Yn;
Authentication-Results: ams-dkim-2; header.From=lear@cisco.com; dkim=pass (s ig from cisco.com/amsdkim2001 verified; );
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581
Cc: Apps Discuss <discuss@apps.ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org

Paul Hoffman wrote:
> draft-hartman-webauth-phishing generated no significant follow-on 
> discussion that I can see (I would be happy to be mistaken). There are 
> little bits of discussion here and there, but no momentum. Without a 
> strong push from the Apps area for this work, I suspect that it will 
> not happen or, if it does happen in a limited fashion, the results 
> will not be widely adopted in implementations.

I am forced to agree (sadly).  We all need a good kick in the pants on 
this one.  Sam has put together what I think is a fairly provocative 
requirements document (he provoked me to make a comment and a 
contribution or two ;-).  Given the lack luster response, I don't think 
even I can support my early desire to see the security considerations of 
HTTP dealt with, and the situation is truly abysmal.  And so I think we 
need to have two groups, and it's not even clear that we have enough 
support for the 2nd, right now.

I'm CC'ing Sam, by the way, who can perhaps more accurately respond to 
what comments he's gotten.

Eliot