[http-auth] Reminder: Looking for reviewers
Yoav Nir <ynir@checkpoint.com> Tue, 30 April 2013 07:22 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E689A21F9BA3 for <http-auth@ietfa.amsl.com>; Tue, 30 Apr 2013 00:22:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yEtFCVg9JSzo for <http-auth@ietfa.amsl.com>; Tue, 30 Apr 2013 00:22:26 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id B648521F9B9C for <http-auth@ietf.org>; Tue, 30 Apr 2013 00:22:25 -0700 (PDT)
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r3U7MNLN025944 for <http-auth@ietf.org>; Tue, 30 Apr 2013 10:22:23 +0300
X-CheckPoint: {517F7001-1-1B221DC2-1FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.54]) by DAG-EX10.ad.checkpoint.com ([169.254.3.48]) with mapi id 14.02.0342.003; Tue, 30 Apr 2013 10:21:21 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: "http-auth@ietf.org" <http-auth@ietf.org>
Thread-Topic: Reminder: Looking for reviewers
Thread-Index: AQHORXNQnNg5usCGsUWkSSJrNCEOYw==
Date: Tue, 30 Apr 2013 07:21:21 +0000
Message-ID: <6B6B39DB-CC09-419C-9089-1CCEBB0F8B7D@checkpoint.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.21.185]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: text/plain; charset="us-ascii"
Content-ID: <63C36A52C40A45479E278C27896236E8@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [http-auth] Reminder: Looking for reviewers
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Apr 2013 07:22:32 -0000
Hi Folks. On Apris 10th, we issued a call for acceptance for several drafts. One has since been withdrawn. The remaining ones are (in no particular order): - draft-williams-http-rest-auth - draft-farrell-httpbis-hoba - draft-oiwa-http-mutualauth and draft-oiwa-http-auth-extension - draft-melnikov-httpbis-scram-auth We already have 2-3 people who have committed to reviewing each of these drafts. Of course we value quality over quantity, but we would like to have some more. So this is a call for volunteers to review these drafts. You don't have to be a cryptographer to do these reviews (but if you are, that would be great!). We will ask reviewers to look at security, at implementation pitfalls, and at barriers to implementation in browsers, programmatic clients, and servers. So if you have a good "feel" for security, we need you. And if you have experience in developing browsers or web applications, especially when such web applications require authentication and are high-value (think banks, online shopping), we really, really need you. Please send email to the list, or to me directly. Just to get things started, I will review rest-auth and SCRAM. Thanks in advance Matt & Yoav