W3C home > Mailing lists > Public > www-tag@w3.org > February 2011

RE: ACTION-472: New Mime-web-info draft

From: Larry Masinter <masinter@adobe.com>
Date: Tue, 1 Feb 2011 14:54:14 -0800
To: Karl Dubost <karld@opera.com>
CC: Yves Lafon <ylafon@w3.org>, "Eric J. Bowman" <eric@bisonsystems.net>, "nathan@webr3.org" <nathan@webr3.org>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>, Jonathan Rees <jar@creativecommons.org>, Noah Mendelsohn <nrm@arcanedomain.com>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <C68CB012D9182D408CED7B884F441D4D058EEE58B6@nambxv01a.corp.adobe.com>
Just thinking about this more. How about two headers:


(I started with 'verified-content-type' but there is some belief that
'content-' headers stay associated with the MIME body and are rewritten
when the content is transformed but otherwise not, while other headers
are hop-to-hop or end-to-end but connected with the transmission.)

these two headers SHOULD be the same. If they're the same, the receiver
can rely on the content-type and must not sniff.  If there's only
content-type, then the sender hasn't verified the content-type and
receiver MAY sniff (but only within well-known and established rules.)

If they are different, then the content-type has been modified by
some unaware intermediary which has modified the content-type
without changing the "content-type-verified". In this case, the
receiver should accept the content-type as authoritative, since
the content-type transformation wasn't done unknowingly.

This might give a way of introducing out-out sniffing. Again,
this only works if the receivers which follow this protocol
are well-deployed in the field before any senders start sending

Those write recievers believe (rightfully) that they have the last word, set the standard, get to do whatever they want, so that a "processing rule" may or may not actually be meaningful.  There are too many different kinds of receivers, not just browsers, but search engines CDNs, etc.

A server telling them what to do with a processing rule "sniffing: opt-out" ... well, it's bound to be ignored. 

However, if the sender is just telling the receiver MORE information, that has different semantics. Operationally, though, this is equivalent to the other proposal.


Received on Tuesday, 1 February 2011 22:54:45 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:33:09 UTC