RE: Reminder: Call for Proposals - HTTP Authentication
<lionel.morand@orange.com> Wed, 02 May 2012 08:05 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0BEF21F87D3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 May 2012 01:05:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.649
X-Spam-Level:
X-Spam-Status: No, score=-8.649 tagged_above=-999 required=5 tests=[AWL=1.600, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o0nrxm56Nm85 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 May 2012 01:05:39 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 659F221F87C4 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 2 May 2012 01:05:39 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1SPUXN-0001to-BO for ietf-http-wg-dist@listhub.w3.org; Wed, 02 May 2012 08:03:49 +0000
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <lionel.morand@orange.com>) id 1SPUXB-0001ss-2t for ietf-http-wg@listhub.w3.org; Wed, 02 May 2012 08:03:37 +0000
Received: from p-mail2.rd.francetelecom.com ([195.101.245.16]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <lionel.morand@orange.com>) id 1SPUX0-0002jD-Ih for ietf-http-wg@w3.org; Wed, 02 May 2012 08:03:34 +0000
Received: from p-mail2.rd.francetelecom.com (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 1EFE9E301B2; Wed, 2 May 2012 10:03:10 +0200 (CEST)
Received: from ftrdsmtp1.rd.francetelecom.fr (unknown [10.192.128.46]) by p-mail2.rd.francetelecom.com (Postfix) with ESMTP id 11960E301B1; Wed, 2 May 2012 10:03:10 +0200 (CEST)
Received: from ftrdmel1.rd.francetelecom.fr ([10.192.128.40]) by ftrdsmtp1.rd.francetelecom.fr with Microsoft SMTPSVC(6.0.3790.4675); Wed, 2 May 2012 10:03:04 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 02 May 2012 10:03:02 +0200
Message-ID: <B11765B89737A7498AF63EA84EC9F577014C8BF1@ftrdmel1>
In-Reply-To: <594FB5C6-C676-43B4-9D4F-586573E24E04@mnot.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Reminder: Call for Proposals - HTTP Authentication
Thread-Index: Ac0n8mStxvJtOr9gRrWW0VTcLs6jWAAR0tzw
References: <14A09626-8397-4656-A042-FEFDDD017C9F@mnot.net> <B11765B89737A7498AF63EA84EC9F577014C8B6C@ftrdmel1> <D159EF0F-AEEC-4629-91EC-C6B0A9BEA9EE@mnot.net> <B11765B89737A7498AF63EA84EC9F577014C8B82@ftrdmel1> <594FB5C6-C676-43B4-9D4F-586573E24E04@mnot.net>
From: lionel.morand@orange.com
To: mnot@mnot.net
Cc: ietf-http-wg@w3.org
X-OriginalArrivalTime: 02 May 2012 08:03:04.0120 (UTC) FILETIME=[0042BB80:01CD283A]
Received-SPF: softfail client-ip=195.101.245.16; envelope-from=lionel.morand@orange.com; helo=p-mail2.rd.francetelecom.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665
X-W3C-Scan-Sig: maggie.w3.org 1SPUX0-0002jD-Ih e8f865fe9ba34f99b8ebc55d7fda7b0f
X-Original-To: ietf-http-wg@w3.org
Subject: RE: Reminder: Call for Proposals - HTTP Authentication
Archived-At: <http://www.w3.org/mid/B11765B89737A7498AF63EA84EC9F577014C8BF1@ftrdmel1>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/13512
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1SPUXN-0001to-BO@frink.w3.org>
Resent-Date: Wed, 02 May 2012 08:03:49 +0000
I will! Regards, Lionel -----Message d'origine----- De : Mark Nottingham [mailto:mnot@mnot.net] Envoyé : mercredi 2 mai 2012 01:30 À : MORAND Lionel RD-CORE-ISS Cc : ietf-http-wg@w3.org Objet : Re: Reminder: Call for Proposals - HTTP Authentication We can certainly discuss it. Would you be willing to write up a small Internet-Draft (e.g., 1-2 pages) outlining the proposal and any work you see as necessary (either in modifying the RFC as it progresses, or adding more infrastructure to make it more broadly usable? Cheers, On 01/05/2012, at 10:13 PM, <lionel.morand@orange.com> <lionel.morand@orange.com> wrote: > Hi Mark, > > Of course, to be applicable, the first requirement for SIM-based authentication schemes is to have a SIM card (or software based implementation) and this implies that you have a mobile subscription. > However, the authentication mechanism is not contrite to mobile networks and can be typically used over any HTTP-based access, e.g. wifi, adsl, cable, etc., the mobile network being used only for AAA purposes, as trusted 3rd-party. > Moreover, the terminal itself can be a mobile phone but also any IP-enabled device (e.g. PC, tablet, etc.) providing a API to the SIM card. Moreover, the browser is seen as off-the-shelf application and not mobile specific. > > For the reasons, I was considering that it would be a general interest to reference a standard document instead of an Informational RFC. And this period of "clean-up" of the HTTP documentation seems to be suitable for that. > > Regards, > > Lionel > > -----Message d'origine----- > De : Mark Nottingham [mailto:mnot@mnot.net] > Envoyé : mardi 1 mai 2012 02:57 > À : MORAND Lionel RD-CORE-ISS > Cc : ietf-http-wg@w3.org > Objet : Re: Reminder: Call for Proposals - HTTP Authentication > > Hi Lionel, > > Do you know of any use outside of a mobile context? If there's interest, we can certainly look at it, but if it's relegated to just that market (whether or technical or social reasons), I don't think this would necessarily be the right place to advance it to a standard (speaking just for me). > > Cheers, > > > On 01/05/2012, at 3:02 AM, <lionel.morand@orange.com> <lionel.morand@orange.com> wrote: > >> Any feedback? >> >> Lionel >> >> -----Message d'origine----- >> De : MORAND Lionel RD-CORE-ISS >> Envoyé : vendredi 27 avril 2012 11:54 >> À : 'Mark Nottingham'; 'HTTP Working Group' >> Objet : RE: Reminder: Call for Proposals - HTTP Authentication >> >> Hi, >> >> RFC 3310 is informational but used in mobile networks. I think it is worth to consider the interest of defining this mechanism as "standard" HTTP authentication scheme. What should be the process? >> >> In the same line, I have a draft on adaption of RFC3310 for 2G AKA (see. http://tools.ietf.org/id/draft-morand-http-digest-2g-aka-02.txt). I would propose to add it to the list of new potential authentication schemes but only if RFC 3310 is part of the same list. Otherwise, it could be only informal. >> >> Regards, >> >> Lionel >> >> -----Message d'origine----- >> De : Mark Nottingham [mailto:mnot@mnot.net] >> Envoyé : vendredi 27 avril 2012 07:28 >> À : HTTP Working Group >> Objet : Reminder: Call for Proposals - HTTP/2.0 and HTTP Authentication >> >> Just a reminder that we're still accepting proposals for: >> >> 1. HTTP/2.0 >> 2. New HTTP authentication schemes >> >> As per our charter <http://datatracker.ietf.org/wg/httpbis/charter/>. >> >> So far, we've received the following proposals applicable to HTTP/2.0: >> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/Http2Proposals> >> >> But none yet for authentication schemes: >> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals> >> >> As communicated in Paris, the deadline for proposals is 15 June, 2012. It's fine if your proposal isn't complete, but we do need to have a good sense of it by then, for discussion. >> >> Regards, >> >> -- >> Mark Nottingham http://www.mnot.net/ >> >> >> >> > > -- > Mark Nottingham http://www.mnot.net/ > > > -- Mark Nottingham http://www.mnot.net/
- Reminder: Call for Proposals - HTTP/2.0 and HTTP … Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Willy Tarreau
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Mark Nottingham
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Willy Tarreau
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… James M Snell
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Re: Reminder: Call for Proposals - HTTP Authentic… Mark Nottingham
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP Authentic… Mark Nottingham
- RE: Reminder: Call for Proposals - HTTP Authentic… lionel.morand
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Nicolas Mailhot
- RE: Reminder: Call for Proposals - HTTP Authentic… Markus.Isomaki
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… Peter Lepeska
- Re: Reminder: Call for Proposals - HTTP/2.0 and H… William Chan (陈智昌)
- Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Fabian Keil
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Albert Lunde
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Peter Lepeska
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Benjamin Carlyle
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Roberto Peon
- Re: Comments on Explicit/Trusted Proxy Werner Baumann
- Re: Comments on Explicit/Trusted Proxy Stephen Farrell
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy
- Re: Comments on Explicit/Trusted Proxy Yoav Nir
- Re: Comments on Explicit/Trusted Proxy Adrien W. de Croy