IETF Logo Mail Archive

Re: [http-auth] Working Group Last Call for draft-ietf-httpauth-basicauth-update-03.txt

Julian Reschke <julian.reschke@gmx.de> Wed, 03 December 2014 19:17 UTC

Return-Path: <julian.reschke@gmx.de>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A450D1A1BB7 for <http-auth@ietfa.amsl.com>; Wed, 3 Dec 2014 11:17:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8AcuxwvOa6rv for <http-auth@ietfa.amsl.com>; Wed, 3 Dec 2014 11:17:19 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 064501A1BF5 for <http-auth@ietf.org>; Wed, 3 Dec 2014 11:17:19 -0800 (PST)
Received: from [192.168.2.160] ([93.217.101.31]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0LyEJp-1XzKKG0uGr-015WwR; Wed, 03 Dec 2014 20:17:09 +0100
Message-ID: <547F61B3.5020206@gmx.de>
Date: Wed, 03 Dec 2014 20:17:07 +0100
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: Yoav Nir <ynir.ietf@gmail.com>
References: <20141202111608.27803.85751.idtracker@ietfa.amsl.com> <60D2DF51-5CD9-4A55-8031-4F974C0F8DF9@gmail.com> <61D95DD7-42F3-4483-8C72-E29C16180C56@apple.com> <547F3958.4020005@gmx.de> <1EB23215-FEFE-48D1-B634-04E6485A899F@apple.com> <547F468A.2000209@gmx.de> <85038266-014D-4528-A7AF-2201AB146835@gmail.com>
In-Reply-To: <85038266-014D-4528-A7AF-2201AB146835@gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K0:AFQRiLE2Sbe16fnl5WC717WiDtAcCcH4VUcYBpX0kCN13ZpFv+M 1gDCQ1qIlWapHbjwRDEuteitnJDDiGN+gnFcuxsMquM1c/reYvZMrenN2UEuPzkHEDucsh5 Aa71rCq1qwIufAfIqvjm/FccI1xRM/RAjuH11u18duYjQJrFK/wcpeC8QaET8wXwyiMd+bU cTi+kR3gBuwBEpQzUcNFw==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/http-auth/unaq3dDoqxZ0nNvoUmqy-flrskg
Cc: IETF HTTP Auth <http-auth@ietf.org>
Subject: Re: [http-auth] Working Group Last Call for draft-ietf-httpauth-basicauth-update-03.txt
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Dec 2014 19:17:20 -0000

On 2014-12-03 20:05, Yoav Nir wrote:
> [no hats]
>
> Sure we can. This is a new specification. Some implementations will keep implementing the old, obsolete spec. This is no different from clients and servers continuing to use TLS 1.0 and 1.1 now that 1.2 has obsoleted them.

It's certainly very different from the way httpbis has revised RFC 2616, 
and my assumption was that we're doing the same thing here.

> The charset parameter can be an indicator that the server is implementing the new spec rather than the old. Why not go all the way to MUST?

Because it doesn't make any sense and will not be implemented?

Can we please stick to a realistic plan instead of coming up with 
something people will ignore? Do you remember RFC 2965?

Best regards, Julian

v2.23.0 | Report a Bug | By Email