Re: NEW ISSUE: Transfer-Encoding in 1.0 messages from Henrik Nordstrom on 2007-11-23 (ietf-http-wg@w3.org from October to December 2007)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Fri, 23 Nov 2007 23:17:39 +0100
To: Bjoern Hoehrmann <derhoermi@gmx.net>
Cc: ietf-http-wg@w3.org
Message-Id: <1195856259.12070.10.camel@henriknordstrom.net>

On fre, 2007-11-23 at 18:23 +0100, Bjoern Hoehrmann wrote:

> Your reading of the specification requires to assume that it does not
> explicitly discuss this case for a reason. However, it might just not
> discuss it because the case has been overlooked, and some would see
> the conflicting implementation behavior as security problem. I disagree
> that doing nothing about this in the specification is the best course of
> action.

I am fine with adding yet another comment mentioning that for
interoperbility reasons HTTP/1.1 implementations SHOULD follow the
HTTP/1.1 specifications even if seeing HTTP/1.0 messages except where
specifically noted in the HTTP/1.1 specifications.  HTTP/1.1 clients or
servers SHOULD NOT downgrade their implementation to the informal
HTTP/1.0 specification when seeing an HTTP/1.0 message but continue
processing that message according to the rules defined in the HTTP/1.1
specifications.

Would that solve your concerns in terms of specifications?

Regards
Henrik

Received on Friday, 23 November 2007 22:18:02 UTC