W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

Re: Minutes, HTTP-WG 8, 10 Dec 1997

From: Foteos Macrides <MACRIDES@sci.wfbr.edu>
Date: Wed, 07 Jan 1998 11:57:30 -0500 (EST)
To: masinter@parc.xerox.com
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <01IS3ECZ9XO2003TJC@SCI.WFBR.EDU>
Larry Masinter <masinter@parc.xerox.com> wrote:
>(revised slightly from previous draft)
>[...]
>Issue PROTECTION-SPACE: People are happy with the current language, but
>current implementations don't behave as specified; the spec doesn't
>break any existing implementation. We'll go forward with the current
>language in rev-01.

	Note that the current revision still does not address the
issue of the implied protection space for Basic proxy authentication
(all Request-URIs via the proxy).


>[...]
>State Management:
>[...]
>Following the slide presentation, there was discussion on the privacy
>considerations in the draft.  Ted Hardie: In Comment-URL, the URL could
>potentially be a non-HTTP URL, and this issue needs to be addressed.

	I am puzzled by this statement.  In early drafts, there was
no restriction on the scheme for CommentURLs.  For security reasons,
the Lynx field test implementation limited them to server-based
schemes (e.g., http(s), gopher, ftp, wais).  Subsequent drafts
explicitly limited CommentURLs to http (and https by implication :)
and the implementation in the recent Lynx v2.7.2 release so restricts
them.  Isn't this a closed issue?

				Fote

=========================================================================
 Foteos Macrides            Worcester Foundation for Biomedical Research
 MACRIDES@SCI.WFBR.EDU         222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================
Received on Wednesday, 7 January 1998 09:15:14 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:09 EDT