- From: Mark Nottingham <mnot@mnot.net>
- Date: Thu, 3 Mar 2016 13:59:39 +1100
- To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
- Cc: The IESG <iesg@ietf.org>, Mike Bishop <michael.bishop@microsoft.com>, HTTP WG <ietf-http-wg@w3.org>
Hi Spencer, > A couple of very nitty nits. > > In this text > > When the protocol does not explicitly carry the scheme (e.g., as is > usually the case for HTTP/1.1 over TLS, servers can mitigate this > ^ > I think there's a missing closing parenthesis right around here. > > If there's not, I'm having trouble parsing the sentence. Already fixed. > risk by either assuming that all requests have an insecure context, > or by refraining from advertising alternative services for insecure > schemes (such as HTTP). > > If there was an obvious reference for SPDY in this text > > The Alt-Svc header field was influenced by the design of the > Alternate-Protocol header field in SPDY. > > that might be useful to include. There's a URL; not sure how stable though. Cheers, -- Mark Nottingham https://www.mnot.net/
Received on Thursday, 3 March 2016 03:00:20 UTC