[252] in WWW Security List Archive
HTTP Security Announcement from the Dec 1994 IETF meeting
daemon@ATHENA.MIT.EDU (Greg Bossert)
Mon Dec 12 03:34:33 1994
Date: Mon, 12 Dec 94 1:03:55 EST
From: Greg Bossert <bossert@maurolycus.rutgers.edu>
To: www-security@ns1.rutgers.edu
Reply-To: Greg Bossert <bossert@maurolycus.rutgers.edu>
At the December 1994 Internet Engineering Task Force meeting in San
Jose, CA, USA, a BOF (Birds Of a Feather) meeting on HTTP Security
resulted in a request to the Internet Engineering Steering Group to
form an HTTP Security working group.
The meeting took place on the evening of Tuesday, December 6; alas,
this conflicted with the IETF Social Event (a trip to TheTech, San
Jose's science and technology museum). Nonetheless, a gratifying
30-40 people (that's a guess) attended the BOF.
Tim Berners-Lee chaired the meeting, and summarized the state of
security services in HTTP; he emphasised the demand (and resulting
opportunities) for quick specification and implementation of such
services.
Jeffrey Schiller, the Area Director for Security of the IETF,
summarized existing and ongoing work in security within the IETF,
including IP-layer security and proposed standard APIs for security
service libraries. Information on the IETF working groups is
available at
<http://www.commerce.net/information/standards/drafts/shttp.txt>.
Allan Schiffman of EIT outlined EIT's SHTTP proposal. Version 2 of
this proposal is available at
<http://www.commerce.net/information/standards/drafts/shttp.txt>.
The proposed HTTP Security (HTTPS?) working group would be
specifically tasked with developing requirements and specifications
for the provision of security services to HTTP. The group would
operate within the Security Area of the IETF. This mailing list,
www-security@nsmx.rutgers.edu, would serve as the working group's
official forum.
A companion group for non-security issues was also proposed. The HTTP
working group, would be chartered to to work on representing the
current state HTTP for standardization under the IETF, and for working
on requirements and specifications for future hypertext transfer
protocols. Preliminary information is available from
<http://www.ics.uci.edu/pub/ietf/http/>.
NOTE: Details of the HTTPS working group, including the name,
directorate, and charter, are preliminary and unofficial, pending
ratification by the IESG. Please refer to the information available
from the IETF <http://www.ietf.cnri.reston.va.us/home.html> for the
latest status of this group.
Information about the proposed working group, this mailing list and
its archives, and many other aspects of WWW Security is available from
<http://www-ns.rutgers.edu/www-security/>. This site has been greatly
expanded and improved in the last few days. The Web site and mailing
list are maintained by the Rutgers University WWW Security Team:
Greg Bossert
Simon Cooper
Walt Drummond
www-security-team@www-ns.rutgers.edu
owner-www-security@nsmx.rutgers.edu
--+ greg bossert rutgers university network services +--
--+ bossert@noc.rutgers.edu +--
--+ http://www-ns.rutgers.edu/~bossert +--
--+ PGP Footprint: 96 6D DC 1D 77 F8 73 68 C9 F6 8B 08 2C 4A 39 42 +--
--+ +--
--+ i have never been afraid to change -- Happy +--
--+ the circumstances of the world -- Rhodes +--
