Re: [http-auth] Ben Campbell's No Objection on draft-ietf-httpauth-scram-auth-15: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 16 December 2015 23:57 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 507C31A914C; Wed, 16 Dec 2015 15:57:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YtEw-9SK4KGI; Wed, 16 Dec 2015 15:57:41 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14D041A9142; Wed, 16 Dec 2015 15:57:41 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id ADF82BE5C; Wed, 16 Dec 2015 23:57:39 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hvUegJGsQaRE; Wed, 16 Dec 2015 23:57:38 +0000 (GMT)
Received: from [10.87.48.91] (unknown [86.46.31.96]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 5D5E5BE33; Wed, 16 Dec 2015 23:57:37 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1450310258; bh=C0DKwrvzz6+kiVbUqi1jFcpIF9p979I0lDDeNa7a3Z0=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=gEKWq0eFr5AbyEiLVcsI++IKq3Wk/9Myw6FRHTrGqN1VbLI3T95PMbsSnv9qTg57j A1z/SEHpgEzHhV/oWfSy8oA/goFKPfDqIqg1US2KOrRGvH1YZWelOFZfy546lOGfYN hCotH1DbwXuEsBADcaPN8+Pfc8pia4ER13Yd/5FQ=
To: Ben Campbell <ben@nostrum.com>, The IESG <iesg@ietf.org>
References: <20151216235259.23225.93879.idtracker@ietfa.amsl.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <5671FA70.6090303@cs.tcd.ie>
Date: Wed, 16 Dec 2015 23:57:36 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <20151216235259.23225.93879.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/oyP8l3tzPioWTSI12pCb6ghAvaw>
Cc: draft-ietf-httpauth-scram-auth@ietf.org, httpauth-chairs@tools.ietf.org, httpauth-chairs@ietf.org, http-auth@ietf.org, draft-ietf-httpauth-scram-auth-all@tools.ietf.org
Subject: Re: [http-auth] Ben Campbell's No Objection on draft-ietf-httpauth-scram-auth-15: (with COMMENT)
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Dec 2015 23:57:43 -0000


On 16/12/15 23:52, Ben Campbell wrote:
> Ben Campbell has entered the following ballot position for
> draft-ietf-httpauth-scram-auth-15: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-httpauth-scram-auth/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Can you say something about why this is experimental? That is, what is
> the nature of the experiment? Will results be reported? Is there a need
> for deployment experience? Do you expect this to progress to standards
> track at some point in the future?

See the charter of the http-auth wg. [1] All of the RFCs
from this WG are experimental for the same reason, which
is basically that browsers today don't want new HTTP
authentication schemes (they probably don't want the old
ones too;-)

S.

[1] https://tools.ietf.org/wg/httpauth/charters

> 
>