Re: [dispatch] [Secdispatch] HTTP Request Signing

We have the time at SecDispatch, so should I just add it
considering DISPATCH has a full agenda?

Best regards,
Kathleen

On Tue, Nov 5, 2019 at 11:56 AM Justin Richer <jricher@mit.edu> wrote:

> A number of the people involved with implementing the drafts that I’d like
> to present are involved in IETF in different places, but none for pushing
> this draft to date. If this work finds a home, I think we’d be able to get
> a lot of that external community to participate in whatever list ends up
> hosting the work.
>
> I’m fine with presenting at only one of DISPATCH or SECDISPATCH instead of
> both, but since this sits squarely at the intersection of the two
> communities it might make sense for me to just introduce the concept (~1
> min) at whatever meeting I’m not giving a full presentation at.
>
>  — Justin
>
>
> On Nov 4, 2019, at 3:02 PM, Mary Barnes <mary.ietf.barnes@gmail.com>
> wrote:
>
> Personally, I'd rather not have the presentation twice, recognizing of
> course, that not everyone would be able to attend one or the other. But, we
> will have recordings and as is oft stated, ultimately decisions happen on
> mailing lists.  And, I appreciate and agree with Jeffrey not wanting
> feature creep in WPACK.  One objective of DISPATCH has been to ensure that
> work that is chartered is discrete enough to finish in a timely manner.
>
> You mention other communities that are interested in this.  Will they be
> participating or have they participated in IETF?    It's hard for chairs to
> judge consensus to work on something when the communities interested in the
> work are not participating in IETF.  Mailing list participation is
> sufficient.
>
> DISPATCH agenda is pretty full right now, so this would have to fall into
> AOB at this juncture if ADs and my WG co-chair agree that we should discuss
> in DISPATCH.  And, perhaps whether it gets a few minutes in SECdispatch
> might be informed on how it goes in DISPATCH, if we have a chance to
> discuss it, since you need the agreement that this is a problem IETF should
> solve from both areas.
>
> Regards,
> Mary
> DISPATCH WG co-chair
>
>
> On Fri, Nov 1, 2019 at 5:00 PM Justin Richer <jricher@mit.edu> wrote:
>
>> I would like to present and discuss HTTP Request signing at both the
>> DISPATCH and SECDISPATCH meetings at IETF106 in Singapore. This I-D has
>> been floating around for years now and has been adopted by a number of
>> different external groups and efforts:
>>
>> https://tools.ietf.org/html/draft-cavage-http-signatures
>>
>> I’ve spoken with the authors of the draft and we’d like to find out how
>> to bring this forward to publication within the IETF. I’m targeting both
>> dispatch groups because this represents the intersection of both areas, and
>> I think we’d get different perspectives from each side that we should
>> consider.
>>
>> There have been a number of other drafts that have approached HTTP
>> request signing as well (I’ve written two of them myself), but none has
>> caught on to date and none have made it to RFC. Lately, though, I’ve been
>> seeing a lot of renewed effort in different sectors, and in particular the
>> financial sector and cloud services, to have a general purpose HTTP message
>> signing capability. As such, I think it’s time to push something forward.
>>
>> I’ve reached out to the chairs for both DISPATCH and SECDISPATCH to
>> request a presentation slot.
>>
>> Thank you, and I’ll see you all in Singapore!
>>  — Justin
>> _______________________________________________
>> dispatch mailing list
>> dispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/dispatch
>>
>
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/secdispatch
>

-- 

Best regards,
Kathleen