Re: [http-auth] Ben Campbell's No Objection on draft-ietf-httpauth-scram-auth-15: (with COMMENT)
"Roy T. Fielding" <fielding@gbiv.com> Thu, 17 December 2015 00:20 UTC
Return-Path: <fielding@gbiv.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56CCA1A0180; Wed, 16 Dec 2015 16:20:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.366
X-Spam-Level:
X-Spam-Status: No, score=-2.366 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KZZq_LPQvL89; Wed, 16 Dec 2015 16:20:37 -0800 (PST)
Received: from homiemail-a102.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 0644A1A016C; Wed, 16 Dec 2015 16:20:37 -0800 (PST)
Received: from homiemail-a102.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a102.g.dreamhost.com (Postfix) with ESMTP id 9E5AB2005D119; Wed, 16 Dec 2015 16:20:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gbiv.com; h=content-type :mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=gbiv.com; bh=VP0J+sML8CoECvbSWZXBrSfENlY=; b=gzfMJz4sIwh603pl6dbuP9kROj24 xDKk2CiF67ldt0BqdIZIjkpnOj/pQQMZGXbWi+OYT1vTFxXl7bslv7ZDo6DRkjPn UDSaltI0SPp13C9APRrS2DD1RxgHjFaeAWll7lPEwfKMLP/Sk4x//wzotbJ7i4cK 1dsUmxKO0ea9BhM=
Received: from [192.168.1.2] (ip68-228-71-159.oc.oc.cox.net [68.228.71.159]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: fielding@gbiv.com) by homiemail-a102.g.dreamhost.com (Postfix) with ESMTPSA id 6B4D02005D117; Wed, 16 Dec 2015 16:20:35 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: "Roy T. Fielding" <fielding@gbiv.com>
In-Reply-To: <5671FA70.6090303@cs.tcd.ie>
Date: Wed, 16 Dec 2015 16:20:33 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <7CC7AC02-1898-41B3-A119-6B4707389B8D@gbiv.com>
References: <20151216235259.23225.93879.idtracker@ietfa.amsl.com> <5671FA70.6090303@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/gpNmV1_l2hO9Zn8U2Zv4QzzdPYY>
Cc: Ben Campbell <ben@nostrum.com>, draft-ietf-httpauth-scram-auth@ietf.org, httpauth-chairs@tools.ietf.org, httpauth-chairs@ietf.org, http-auth@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-httpauth-scram-auth-all@tools.ietf.org
Subject: Re: [http-auth] Ben Campbell's No Objection on draft-ietf-httpauth-scram-auth-15: (with COMMENT)
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Dec 2015 00:20:38 -0000
> On Dec 16, 2015, at 3:57 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > On 16/12/15 23:52, Ben Campbell wrote: >> Ben Campbell has entered the following ballot position for >> draft-ietf-httpauth-scram-auth-15: No Objection >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> https://datatracker.ietf.org/doc/draft-ietf-httpauth-scram-auth/ >> >> >> >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> Can you say something about why this is experimental? That is, what is >> the nature of the experiment? Will results be reported? Is there a need >> for deployment experience? Do you expect this to progress to standards >> track at some point in the future? > > See the charter of the http-auth wg. [1] All of the RFCs > from this WG are experimental for the same reason, which > is basically that browsers today don't want new HTTP > authentication schemes (they probably don't want the old > ones too;-) > > S. > > [1] https://tools.ietf.org/wg/httpauth/charters I realize that was written into the charter (to satisfy someone's personal opinion), but it isn't even remotely true that browsers aren't interested in new authentication schemes on the standards track, and even if it were true it wouldn't matter: browsers make up less than 1% of HTTP implementations. The whole point of having extensible authentication schemes is to allow them to be defined and developed independently of "current practice". And the point of having an initial standards track of Proposed is to make clear they are proposals that are not necessarily deployed. More useless procedural pain for no gain. ....Roy
- [http-auth] Ben Campbell's No Objection on draft-… Ben Campbell
- Re: [http-auth] Ben Campbell's No Objection on dr… Stephen Farrell
- Re: [http-auth] Ben Campbell's No Objection on dr… Ben Campbell
- Re: [http-auth] Ben Campbell's No Objection on dr… Roy T. Fielding
- Re: [http-auth] Ben Campbell's No Objection on dr… Stephen Farrell