Date: Thu, 15 Dec 94 07:31:58 +0900
From: hallam(_at_)dxal18(_dot_)cern(_dot_)ch
>Similarly for http
>to html hypermedia security interactions. This will be lots of fun; but
> going to take a while, I forsee.
This is why I don't think its a good idea to start from the proposal that
Secure[HTTP] = PEM. Unless people want to make PEM hideously complex I
doubt that its feasible. Even if it were there are shortcuts avaliable in
HTTP that arn't in email. In HTTP one can always offload stuff onto a URI.
There's a separate working group that's about to be formed to address
this, actually. The HTTP Security BOF met at the last IETF, and work is
now underway to draft a charter for that group. So discussions on that
topic probably should be moved to that forum.
Unfortunately, I don't have the mailing list for that group handy --- if
someone who also attended the HTTP-S bof could post it, that would be
greatly appreciated.
- Ted