- From: John Franks <john@math.nwu.edu>
- Date: Tue, 9 Dec 1997 15:09:00 -0600 (CST)
- To: Dave Kristol <dmk@bell-labs.com>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
On Tue, 9 Dec 1997, Dave Kristol wrote: > I still feel my one objection about proxy-added headers is substantive > and unresolved. Briefly, an origin server might omit headers that get > figured into the entity-digest calculation. A proxy might subsequently > add those headers. The client sees a message *with* the headers, > calculates an entity-digest that figures them in, and gets a different > answer from what the origin server calculated. > > Dave Kristol > I agree that there is an issue here. The current spec says the proxy MUST not add these headers. If I recall you suggested the MUST be changed to SHOULD. I am not sure how this helps beyond making the proxy technically "legal." It doesn't materially affect the problem. What should a proxy do in this situation? It seems it must either not add headers or break the entity-digest. John Franks john@math.nwu.edu
Received on Tuesday, 9 December 1997 12:53:13 UTC