On Mar 1, 2012, at 10:01 AM, Nick Hilliard wrote:
Can I suggest you also include authorization capabilities as a core
component of this. It's not much use to have people able to authenticate
themselves to a system if that system doesn't also provide a framework for
allowing the server-side application decide what they can or cannot do.
This is a request for an HTTP capability that is significantly different than
what has been proposed before, and has not been one of the items that caused
problems in HTTP 1.x. I suggest that this not be part of the charter for
httpbis until it can be shown to be a significant need, not just a new idea.
--Paul Hoffman
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf