- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Sat, 4 Nov 2006 21:41:07 +0100
- To: Robert Sayre <sayrer@gmail.com>
- Cc: "Henrik Nordstrom" <hno@squid-cache.org>, "HTTP Working Group" <ietf-http-wg@w3.org>
Am 04.11.2006 um 21:16 schrieb Robert Sayre: > > On 11/4/06, Robert Sayre <sayrer@gmail.com> wrote: >> "An HTTP client MUST NOT send a version for which it is not at least >> conditionally compliant.' >> > > Sorry, that's from RFC 2145. The send button was clicked a bit > early. :) > > In any case, the requirements and semantics of HTTP version numbers > seem clear as a bell to me. I don't see any interpretation that allows > something as radical as the addition of a mandatory security mechanism > without incrementing the version number. +1. And besides, I fail to see what shall be accomplished here. I get the feeling that people think that waving the magic wand of specification revisions will instantaneously change the world around them. It will not. If the spec would be changed in this way, all a reasonable server could deduce from a HTTP/1.1 request is that the client *may* implement the now mandatory to implement authentication schemes. That seems a bit thin a gain compared to the current situation, e.g. the server can assume that the client *may* implement basic and digest. //Stefan
Received on Saturday, 4 November 2006 20:41:47 UTC