IPP> FW: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed Stan dard

IPP> FW: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed Stan dard

Manros, Carl-Uno B cmanros at cp10.es.xerox.com
Wed Sep 22 20:40:42 EDT 1999


FYI,

The document that describes how to invoke TLS over HTTP is not in the hands
of the IESG for ratification as a standards track document. Maybe this is
why the IESG has not yet let the IPP/1.1 docs through :-), you can always be
optimistic!

Carl-Uno

-----Original Message-----
From: Scott Lawrence [mailto:lawrence at agranat.com] 
Sent: Wednesday, September 22, 1999 10:24 AM
To: IETF Transport Layer Security WG; iesg at ietf.org; Harald T.
Alvestrand
Cc: Rohit Khare; Http-Wg at Hplb. Hpl. Hp. Com
Subject: Re: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed
Standard



> >The IESG has received a request from the Transport Layer Security
> >Working Group to consider Upgrading to TLS Within HTTP/1.1
> ><draft-ietf-tls-http-upgrade-02.txt> as a Proposed Standard.

> >To: iesg at ietf.org, IETF-Announce:;
> >From: Harald Tveit Alvestrand <Harald at Alvestrand.no>
> >Subject: Re: Last Call: Upgrading to TLS Within HTTP/1.1 to Proposed
> >   Standard
[...]
>IANA considerations section for upgrade tokens is not thought through.
>At the least, the registrant should be allowed to change the contact
details
>for a registration, so the statement
>
>  > 1. The registration for a given token MUST NOT be changed once
registered.
>
>is obviously not what's desired.
>
>I'd suggest the following rules:
>
>1. A token, once registered, stays registered forever.
>2. The registration MUST name a responsible party for the registration.
>3. The registration MUST name a point of contact.
>4. The registration MAY name the documentation required for the token.
>5. The responsible party MAY change the registration at any time. The
>     IANA will keep a record of all such changes, and make them
available
>     upon request.
>6. The responsible party for the first registration of a "product"
token
>     MUST approve later registrations of a "version" token together
with that
>     "product" token before they can be registered.
>7. If absolutely required, the IESG MAY reassign the responsibility for
>     a token. This will normally only be used in the case when a
responsible
>     party cannot be contacted.
>
>A lot more words, but I think it's more workable.

An excellent formulation.  The authors will gratefully accept this as a
friendly amendment if the IESG concurs.

--
Scott Lawrence           Director of R & D        <lawrence at agranat.com>
Agranat Systems, Inc.  Embedded Web Technology   http://www.agranat.com/



More information about the Ipp mailing list