I see several +1's to the 'https+basic recommended but not required'
idea, and no -1's. Paul, how do you conclude that there's no consensus
here?
Paul Hoffman wrote:
Wearing my WG co-chair hat, I think the WG does not have consensus on
what to do. Further, it is not clear that we need to do anything other
than be explicit about punting. That is, we don't have to say all the
things we argued about and why.
I propose the following paragraph for the entire contents of section
13; comments are welcome.
All instances of publishing Atom Format entries SHOULD be protected by
authentication to prevent posting or editing by unknown sources. The
type of authentication used is a local decision made by the server
and the client. Because of this, servers and clients are likely to
face different types of authentication schemes.
--Paul Hoffman, Director
--Internet Mail Consortium
