Hi Stephen,
On 24/02/2012, at 11:54 PM, Stephen Farrell wrote:
On 02/24/2012 01:24 AM, Roy T. Fielding wrote:
On Feb 23, 2012, at 5:18 PM, Tim Bray wrote:
On Thu, Feb 23, 2012 at 5:13 PM, Roy T.
Fielding<fielding(_at_)gbiv(_dot_)com> wrote:
How many times do we have to do this before we declare insanity?
I don't care how much risk it adds to the HTTP charter. They are
all just meaningless deadlines anyway. If we want HTTP to have
something other than Basic (1993) and Digest (1995) authentication,
then it had better be part of *this* charter so that the proposals
can address them.
Well, Digest already isn't used by anyone :)
A popular misconception because it works unseen. See tools.ietf.org
Seriously, someone needs to propose some charter language or this
discussion is a no-op. -Tim
"Proposals for new HTTP authentication schemes are in scope."
How would a plan like the following look to folks:
- httpbis is chartered to include auth mechanism work as
per the above (or whatever text goes into the charter)
- that'll generate a slew of proposals, some good, some
bad, some better-than-current and some too complex
- plan is for httpbis to pick something (one or more if
they want, but one better-than-current one is the goal)
- give all the above a short timeframe (this year, pick
which to work on at the same time as re-chartering for
the details of HTTP/2.0 maybe)
- httpbis pick what they want, (zero or more) and go
do their stuff
Is the goal for HTTPbis "one or more" or "zero or more"? I see both above.
Again - I'm absolutely fine with soliciting proposals, but requiring output is
a different thing.
Thanks,
--
Mark Nottingham http://www.mnot.net/
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf