RE: Reminder: Call for Proposals - HTTP Authentication
<Markus.Isomaki@nokia.com> Thu, 03 May 2012 10:40 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C99B821F85DD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 3 May 2012 03:40:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXRQ6cCk2m7O for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 3 May 2012 03:40:25 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id C4F5021F85D6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 3 May 2012 03:40:25 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1SPtQU-0002s5-Nd for ietf-http-wg-dist@listhub.w3.org; Thu, 03 May 2012 10:38:22 +0000
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <Markus.Isomaki@nokia.com>) id 1SPtQK-0002r9-8n for ietf-http-wg@listhub.w3.org; Thu, 03 May 2012 10:38:12 +0000
Received: from smtp.nokia.com ([147.243.128.24] helo=mgw-da01.nokia.com) by lisa.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <Markus.Isomaki@nokia.com>) id 1SPtQD-0006xX-El for ietf-http-wg@w3.org; Thu, 03 May 2012 10:38:10 +0000
Received: from vaebh105.NOE.Nokia.com (in-mx.nokia.com [10.160.244.31]) by mgw-da01.nokia.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q43AbTcd031272; Thu, 3 May 2012 13:37:34 +0300
Received: from smtp.mgd.nokia.com ([65.54.30.20]) by vaebh105.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Thu, 3 May 2012 13:37:29 +0300
Received: from 008-AM1MPN1-043.mgdnok.nokia.com ([169.254.3.106]) by 008-AM1MMR1-011.mgdnok.nokia.com ([65.54.30.20]) with mapi id 14.02.0283.004; Thu, 3 May 2012 12:37:28 +0200
From: Markus.Isomaki@nokia.com
To: lionel.morand@orange.com, mnot@mnot.net
CC: ietf-http-wg@w3.org
Thread-Topic: Reminder: Call for Proposals - HTTP Authentication
Thread-Index: Ac0kNv+k4jF4bnX1TAOAzfrcv6a4LgAIgaigAACohiAApdNUIAAMZ0wAABecNgAAZPi0AA==
Date: Thu, 03 May 2012 10:37:27 +0000
Message-ID: <E44893DD4E290745BB608EB23FDDB7621EFB93@008-AM1MPN1-043.mgdnok.nokia.com>
References: <14A09626-8397-4656-A042-FEFDDD017C9F@mnot.net> <B11765B89737A7498AF63EA84EC9F577014C8B6C@ftrdmel1> <D159EF0F-AEEC-4629-91EC-C6B0A9BEA9EE@mnot.net> <B11765B89737A7498AF63EA84EC9F577014C8B82@ftrdmel1>
In-Reply-To: <B11765B89737A7498AF63EA84EC9F577014C8B82@ftrdmel1>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.21.80.29]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 03 May 2012 10:37:29.0086 (UTC) FILETIME=[BD0619E0:01CD2918]
X-Nokia-AV: Clean
Received-SPF: pass client-ip=147.243.128.24; envelope-from=Markus.Isomaki@nokia.com; helo=mgw-da01.nokia.com
X-W3C-Hub-Spam-Status: No, score=-4.2
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01
X-W3C-Scan-Sig: lisa.w3.org 1SPtQD-0006xX-El e22e1549185e742d490ab93f398001ea
X-Original-To: ietf-http-wg@w3.org
Subject: RE: Reminder: Call for Proposals - HTTP Authentication
Archived-At: <http://www.w3.org/mid/E44893DD4E290745BB608EB23FDDB7621EFB93@008-AM1MPN1-043.mgdnok.nokia.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/13514
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1SPtQU-0002s5-Nd@frink.w3.org>
Resent-Date: Thu, 03 May 2012 10:38:22 +0000
Hi Lionel, Out of curiosity, do you know about implementations or deployment of RFC 3310 in the context of HTTP? I know it is used in a special way in SIP ("IMS") authentication in a few deployments. Would the intent be just a promotion from Informational to Standards Track, which would not require any specific technical work as such? Markus >-----Original Message----- >From: ext lionel.morand@orange.com [mailto:lionel.morand@orange.com] >Sent: 01 May, 2012 15:13 >To: mnot@mnot.net >Cc: ietf-http-wg@w3.org >Subject: RE: Reminder: Call for Proposals - HTTP Authentication > >Hi Mark, > >Of course, to be applicable, the first requirement for SIM-based >authentication schemes is to have a SIM card (or software based >implementation) and this implies that you have a mobile subscription. >However, the authentication mechanism is not contrite to mobile networks >and can be typically used over any HTTP-based access, e.g. wifi, adsl, cable, >etc., the mobile network being used only for AAA purposes, as trusted 3rd- >party. >Moreover, the terminal itself can be a mobile phone but also any IP-enabled >device (e.g. PC, tablet, etc.) providing a API to the SIM card. Moreover, the >browser is seen as off-the-shelf application and not mobile specific. > >For the reasons, I was considering that it would be a general interest to >reference a standard document instead of an Informational RFC. And this >period of "clean-up" of the HTTP documentation seems to be suitable for >that. > >Regards, > >Lionel > >-----Message d'origine----- >De : Mark Nottingham [mailto:mnot@mnot.net] Envoyé : mardi 1 mai 2012 >02:57 À : MORAND Lionel RD-CORE-ISS Cc : ietf-http-wg@w3.org Objet : Re: >Reminder: Call for Proposals - HTTP Authentication > >Hi Lionel, > >Do you know of any use outside of a mobile context? If there's interest, we >can certainly look at it, but if it's relegated to just that market (whether or >technical or social reasons), I don't think this would necessarily be the right >place to advance it to a standard (speaking just for me). > >Cheers, > > >On 01/05/2012, at 3:02 AM, <lionel.morand@orange.com> ><lionel.morand@orange.com> wrote: > >> Any feedback? >> >> Lionel >> >> -----Message d'origine----- >> De : MORAND Lionel RD-CORE-ISS >> Envoyé : vendredi 27 avril 2012 11:54 >> À : 'Mark Nottingham'; 'HTTP Working Group' >> Objet : RE: Reminder: Call for Proposals - HTTP Authentication >> >> Hi, >> >> RFC 3310 is informational but used in mobile networks. I think it is worth to >consider the interest of defining this mechanism as "standard" HTTP >authentication scheme. What should be the process? >> >> In the same line, I have a draft on adaption of RFC3310 for 2G AKA (see. >http://tools.ietf.org/id/draft-morand-http-digest-2g-aka-02.txt). I would >propose to add it to the list of new potential authentication schemes but only >if RFC 3310 is part of the same list. Otherwise, it could be only informal. >> >> Regards, >> >> Lionel >> >> -----Message d'origine----- >> De : Mark Nottingham [mailto:mnot@mnot.net] Envoyé : vendredi 27 avril >> 2012 07:28 À : HTTP Working Group Objet : Reminder: Call for Proposals >> - HTTP/2.0 and HTTP Authentication >> >> Just a reminder that we're still accepting proposals for: >> >> 1. HTTP/2.0 >> 2. New HTTP authentication schemes >> >> As per our charter <http://datatracker.ietf.org/wg/httpbis/charter/>. >> >> So far, we've received the following proposals applicable to HTTP/2.0: >> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/Http2Proposals> >> >> But none yet for authentication schemes: >> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals> >> >> As communicated in Paris, the deadline for proposals is 15 June, 2012. It's >fine if your proposal isn't complete, but we do need to have a good sense of >it by then, for discussion. >> >> Regards, >> >> -- >> Mark Nottingham http://www.mnot.net/ >> >> >> >> > >-- >Mark Nottingham http://www.mnot.net/ > > >
- Reminder: Call for Proposals - HTTP/2.0 and HTTP … Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Willy Tarreau
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Willy Tarreau
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Re: Reminder: Call for Proposals - HTTP Authentic… Mark Nottingham
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP Authentic… Mark Nottingham
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- RE: Reminder: Call for Proposals - HTTP Authentic… Markus.Isomaki
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Fabian Keil
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Albert Lunde
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Benjamin Carlyle
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Werner Baumann
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy