Re: Updating the rules?

To: Julian Reschke <julian.reschke at gmx.de>
Subject: Re: Updating the rules?
From: Russ Housley <housley at vigilsec.com>
Date: Sat, 14 Jul 2007 10:35:54 -0400
Cc: IETF discussion list <ietf at ietf.org>
In-reply-to: <4697D6BA.8080608@gmx.de>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <468C9DC5.1070805@gmail.com> <68fba5c50707062119l43e230edsd2361b55b2e2225b@mail.gmail.com> <468F331F.7000409@cs.utk.edu> <68fba5c50707092003uf9452b6ta0e026cfdc3d2b3@mail.gmail.com> <E1I9PlM-0006T3-Dt@megatron.ietf.org> <4697C576.6030904@gmx.de> <E1I9Qaw-0000UL-3M@megatron.ietf.org> <4697D6BA.8080608@gmx.de>

Julian:

I provided review and comment for the text that was sent forward to IESG Evaluation. It sounds like your issues are in the process before I saw the text.

As I said in my first posting, I'll let others provide rationale for their own actions.

Russ

At 03:47 PM 7/13/2007, Julian Reschke wrote:

Russ Housley wrote:
That is not the way the document arrived to the IESG. It said: The type of authentication deployed is a local decision made by the server operator. Clients are likely to face authentication schemes that vary across server deployments. At a minimum, client and server implementations MUST be capable of being configured to use HTTP Basic Authentication [RFC2617] in conjunction with a TLS [RFC2246] connection as defined in [RFC2818] (but note that [RFC2246] has been superseded by [RFC4346]). See [RFC4346] for more information on TLS. The normative reference cites TLS 1.0, making it the only version that is permitted. Russ
Yes, and that problem was known when it was submitted (together with confusing statement about RFC4346 which follows in the next sentence).

Originally the WG didn't want to put it any MTI requirement at all. As far as I can recall, we ended up with the text that was submitted because we were told that "this is what you need to do to get IESG approval".

The changes made in the latest draft clearly are an improvement over the text that was submitted, and hopefully the spec can now proceed.
Best regards and sorry for the confusion,
Julian

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- Updating the rules?
  - From: Brian E Carpenter
- Re: Updating the rules?
  - From: Robert Sayre
- Re: Updating the rules?
  - From: Keith Moore
- Re: Updating the rules?
  - From: Robert Sayre
- Re: Updating the rules?
  - From: Julian Reschke
- Re: Updating the rules?
  - From: Julian Reschke

Prev by Date: Re: The myth of NAT traversal, was: Re: IPv4 to IPv6 transition
Next by Date: Re: Updating the rules?
Previous by thread: Re: Updating the rules?
Next by thread: RE: Updating the rules?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Updating the rules?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.