HTTP Secure BOF (HTTPSEC) Reported by John Klensin/MCI The HTTPSEC BOF met once on Tuesday, 6 December. The BOF considered and recommended the formation of a working group to define a protocol to provide security services for HTTP. Tim Berners-Lee presented the background that a number of proposals had been made in this area, in the context of strong market pressure on industry to produce security for commerce. These included Shen from CERN, SHTTP from EIT, and SSL from Netscape. EIT's proposal was presented in outline by Alan Schiffman. The group felt that although many activities in the Security Area were relevant, there was no clash with this work. A draft outline charter was approved conditionally on it being fleshed out in discussion with the area director, and that the first milestone be the creation of a requirements document against which to measure the specification. The conclusion was that the closeness of the work to Security Area and security technology, and the relative independence from HTTP merited a working group in the Security Area separate from the HTTP Working Group in the Applications Area.