[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security Considerations

To: "Sam Hartman" <hartmans-ietf@xxxxxxx>
Subject: Re: Security Considerations
From: "Joe Gregorio" <joe.gregorio@xxxxxxxxx>
Date: Thu, 3 Aug 2006 14:22:18 -0400
Cc: "Robert Sayre" <sayrer@xxxxxxxxx>, "Eric Rescorla" <ekr@xxxxxxxxxxxxxxxxxxxx>, "James M Snell" <jasnell@xxxxxxxxx>, "Brian E Carpenter" <brc@xxxxxxxxxxxxxx>, "Roy T. Fielding" <fielding@xxxxxxxx>, "Lisa Dusseault" <lisa@xxxxxxxxxxxxxxxxx>, "atom-protocol Protocol" <atom-protocol@xxxxxxx>, "IESG IESG" <iesg@xxxxxxxx>
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=D2yG/DGi/Ekr4rawx/qOZxKfl2DhOkAPx6n2OCIBlfykwWCs1g0RFZ9FvCbPopMCUUU/TZ4mJx5UT9V6KTh/O2+oomCK7Ewr4nezMhgYf0TE/Y0CS80Q1ubUycBdvqYqdiVdD3JSbhENLdQbh747bhSkPLpVlhKVtjr01V+vgKA=
In-reply-to: <tslac6liusd.fsf@xxxxxxxxxx>
List-archive: <http://www.imc.org/atom-protocol/mail-archive/>
List-id: <atom-protocol.imc.org>
List-unsubscribe: <mailto:atom-protocol-request@imc.org?body=unsubscribe>
References: <44D21C44.1020701@xxxxxxxxx> <20060803160531.DDC32222426@xxxxxxxxxxxxxxxxxxxxxxxxxx> <68fba5c50608030928k7345551cx9d44e17c2b574fc1@xxxxxxxxxxxxxx> <tslac6liusd.fsf@xxxxxxxxxx>
Sender: owner-atom-protocol@xxxxxxxxxxxx


On 8/3/06, Sam Hartman <hartmans-ietf@xxxxxxx> wrote:

The conclusion of those on the call is that in order to meet IETF
interoperability requirements APP must normatively require a mandatory
to implement security mechanism for HTTP authentication.


To put this in perspective this is the only bit of useless
bureaucratic boilerplate that will be in the spec. Yes, there
are other bits of bureaucratic boilerplate in the spec but I think they
are useful and make the spec better. And yes, I see almost
complete unanimity that this will be universally ignored in
practice. Let's just hold our noses, add it to the spec, and move on.

  -joe

--
Joe Gregorio        http://bitworking.org

Follow-Ups:
- Re: Security Considerations
  - From: Julian Reschke
- Re: Security Considerations
  - From: Robert Sayre
- Re: Security Considerations
  - From: James M Snell

References:
- Re: Security Considerations
  - From: James M Snell
- Re: Security Considerations
  - From: Eric Rescorla
- Re: Security Considerations
  - From: Robert Sayre
- Re: Security Considerations
  - From: Sam Hartman

Prev by Date: Re: Security Considerations
Next by Date: Re: Security Considerations
Previous by thread: Re: Security Considerations
Next by thread: Re: Security Considerations
Index(es):
- Date
- Thread