W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2006

RE: security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

From: Paul Leach <paulle@windows.microsoft.com>
Date: Sat, 4 Nov 2006 13:35:16 -0800
Message-ID: <76323E9F0A911944A4E9225FACFC55BA02B09653@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
To: Robert Sayre <sayrer@gmail.com>
CC: Henrik Nordstrom <hno@squid-cache.org>, HTTP Working Group <ietf-http-wg@w3.org> 

It's what those words mean.

To say what you mean, then a protocol spec says that when a client sends
X, it MUST respond with Y -- it does not say that X and Y are
mandatory-to-implement.


-----Original Message-----
From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org]
On Behalf Of Robert Sayre
Sent: Saturday, November 04, 2006 4:22 PM
To: Paul Leach
Cc: Henrik Nordstrom; HTTP Working Group
Subject: Re: security requirements (was: Updating RFC 2617 (HTTP Digest)
to use UTF-8)


On 11/4/06, Paul Leach <paulle@windows.microsoft.com> wrote:
>
> That's because making a protocol feature mandatory-to-implement does
NOT
> make it mandatory to configure.

That's not a meaningful distinction on the Internet.

-- 

Robert Sayre
Received on Saturday, 4 November 2006 21:35:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:53 GMT