[With http-auth chair hat on] It is possible for one draft document to normatively reference another draft document. It can go through WGLC, IETF-LC, and IESG review and approval with this reference.
In such cases, the document does not get published until the reference also becomes an RFC, at which point the RFC editor converts the reference to a reference to the new RFC. There are two downsides to this process: - It delays the original document indefinitely. Not a problem in our case because nobody (other than the authors is waiting for our document) - You get into a messy situation if the precis document ends up stalled. If we have a direction, and we have authors volunteering to write this in precis, I'm not opposed to taking this route. Please note, that precise encoding issues apply to both passwords and usernames, as the new Digest algorithm allows hiding of usernames ([1]) Yoav [1] http://tools.ietf.org/html/draft-ietf-httpauth-digest-04#section-3.4.4 -----Original Message----- From: http-auth [mailto:[email protected]] On Behalf Of Yutaka OIWA Sent: Wednesday, February 05, 2014 11:21 AM To: Bjoern Hoehrmann Cc: Julian Reschke; [email protected]; [email protected] Subject: Re: [http-auth] [precis] Unicode normalization, was: Draft Minutes Posted for IETF 87 HTTP-AUTH Session >>2) As previously agreed upon, merge the two specs but only do some >>handwaving with respect to normalization for now. > > I like 2). Given taking 2), is it technically possible to make an "update" to the merged Basic-auth spec by a PRECIS profile document defined later (but sooner)? # I think, if any, the update may be something to "RECOMMEND" # or to say "SHOULD" do, or possibly "MAY" do, but not to say "MUST", # considering very pervasive and pragmatic nature of the Basic authentication. 2014-02-05 Bjoern Hoehrmann <[email protected]>: > * Julian Reschke wrote: >>Alternatives for "Basic": >> >>1) Keep the separation of the base spec >>(draft-ietf-httpauth-basicauth-update) from the one addressing I18N >>(draft-ietf-httpauth-basicauth-enc), and try to get the former out of >>the door as soon as possible. >> >>2) As previously agreed upon, merge the two specs but only do some >>handwaving with respect to normalization for now. > > I like 2). > -- > Björn Höhrmann · mailto:[email protected] · > http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 > · http://www.bjoernsworld.de > 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · > http://www.websitedev.de/ -- Yutaka OIWA, Ph.D. Leader, System Life-cycle Research Group Research Institute for Secure Systems (RISEC) National Institute of Advanced Industrial Science and Technology (AIST) Mail addresses: <[email protected]>, <[email protected]> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5] _______________________________________________ http-auth mailing list [email protected] https://www.ietf.org/mailman/listinfo/http-auth Email secured by Check Point _______________________________________________ precis mailing list [email protected] https://www.ietf.org/mailman/listinfo/precis
