[1492] in WWW Security List Archive
S-HTTP Drafts
daemon@ATHENA.MIT.EDU (EKR)
Sat Feb 17 20:05:22 1996
Date: Sat, 17 Feb 1996 14:00:54 -0800
From: EKR <ekr@terisa.com>
To: wts-wg@postofc.corp.sgi.com
Cc: www-security@ns2.rutgers.edu
Reply-To: wts-wg@postofc.corp.sgi.com
Errors-To: owner-www-security@ns2.rutgers.edu
There are now two drafts, one describing the S-HTTP protocol and
negotiation syntax (draft-ietf-wts-shttp-00.txt) and another document
describing a method for adding negotiation information to HTML
anchors. (draft-ietf-wts-shtml-00.txt).
The drafts have been posted to Internet-Drafts. I'd like
to advance them to proposed standard at the next IETF meeting
(L.A.).
I suspect that the following issues may be controversial:
1. We still don't prescribe a base symmetric cipher which must be
supported. In fact, confidentiality support is not required.
2. We've added a new MAC construction based on Hugo Krawczyk's HMAC
construction. There seems to be some controversy about the appropriate
way to construct MACs based on keyed hashes.
People disagreeing with these points (or who have other comments
they'd like to make) should speak up now.
Thanks,
-Ekr
P.S. I've set followups to wts-wg@postofc.corp.sgi.com which
is the official WTS Working Group Mailing List
