IETF Logo Mail Archive

Re: agenda/charter brainstorming

Mark Nottingham <mnot@mnot.net> Thu, 26 June 2014 01:51 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C19FB1B2EE7 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 25 Jun 2014 18:51:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.553
X-Spam-Level:
X-Spam-Status: No, score=-7.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p_K_azBwi3Cr for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 25 Jun 2014 18:51:45 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15F6F1B2EDC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 25 Jun 2014 18:51:44 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Wzyno-0001o2-NU for ietf-http-wg-dist@listhub.w3.org; Thu, 26 Jun 2014 01:48:40 +0000
Resent-Date: Thu, 26 Jun 2014 01:48:40 +0000
Resent-Message-Id: <E1Wzyno-0001o2-NU@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1WzynX-0001lm-Iu for ietf-http-wg@listhub.w3.org; Thu, 26 Jun 2014 01:48:23 +0000
Received: from mxout-08.mxes.net ([216.86.168.183]) by maggie.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1WzynW-0007L1-Ic for ietf-http-wg@w3.org; Thu, 26 Jun 2014 01:48:23 +0000
Received: from [192.168.1.55] (unknown [118.209.83.114]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 55FA950A88; Wed, 25 Jun 2014 21:47:57 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <E7346C67-7627-4CA9-8C48-9A26B5BFC49C@gmail.com>
Date: Thu, 26 Jun 2014 11:47:54 +1000
Cc: "Julian F. Reschke" <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <D8362123-4B00-4D71-8CDE-61468034D658@mnot.net>
References: <53A7E8BA.8090809@gmx.de> <A6F74280-7BF8-47F9-A818-47AAFBDB20A4@mnot.net> <E7346C67-7627-4CA9-8C48-9A26B5BFC49C@gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
X-Mailer: Apple Mail (2.1878.2)
Received-SPF: pass client-ip=216.86.168.183; envelope-from=mnot@mnot.net; helo=mxout-08.mxes.net
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-3.071, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1WzynW-0007L1-Ic 6d07edb054e434757b45af47474050fe
X-Original-To: ietf-http-wg@w3.org
Subject: Re: agenda/charter brainstorming
Archived-At: <http://www.w3.org/mid/D8362123-4B00-4D71-8CDE-61468034D658@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/24698
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Yoav,

I'm not sure we'll have the right people in Toronto for this, and we already have a pretty crowded agenda. My inclination is to hold off for now, but I think it would make for some interesting hallway conversations...

Cheers,


On 25 Jun 2014, at 5:32 am, Yoav Nir <ynir.ietf@gmail.com> wrote:

> 
> On Jun 24, 2014, at 8:42 AM, Mark Nottingham <mnot@mnot.net> wrote:
> 
>> Hi Julian,
>> 
>> On 23 Jun 2014, at 6:43 pm, Julian Reschke <julian.reschke@gmx.de> wrote:
>> 
>>> 
>>> 4) Session handling (or "avoiding cookies")
>>> 
>>> ...in case we find people, energy, and implementer interest.
>> 
>> That sounds very speculative. Draft?
> 
> http://tools.ietf.org/html/draft-williams-websec-session-continue-prob-00
> http://tools.ietf.org/html/draft-williams-websec-session-continue-proto-00
> http://tools.ietf.org/html/draft-abarth-cake-01
> http://tools.ietf.org/html/draft-hallambaker-httpsession-02
> http://tools.ietf.org/html/draft-hallambaker-httpintegrity-02
> http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
> 
> 
> I could probably dig up a few more if I put my mind to it.
> 
> So people is easy, energy we might be able to find. Implementer interest?  I’m not sure it’s there.
> 
> Interesting reads on the subject: http://www.vsecurity.com/download/papers/WeaningTheWebOffOfSessionCookies.pdf
> 
> Yoav

--
Mark Nottingham   https://www.mnot.net/

v2.23.0 | Report a Bug | By Email