W3C home > Mailing lists > Public > www-tag@w3.org > February 2011

RE: ACTION-472: New Mime-web-info draft

From: Larry Masinter <masinter@adobe.com>
Date: Tue, 1 Feb 2011 14:54:14 -0800
To: Karl Dubost <karld@opera.com>
CC: Yves Lafon <ylafon@w3.org>, "Eric J. Bowman" <eric@bisonsystems.net>, "nathan@webr3.org" <nathan@webr3.org>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>, Jonathan Rees <jar@creativecommons.org>, Noah Mendelsohn <nrm@arcanedomain.com>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <C68CB012D9182D408CED7B884F441D4D058EEE58B6@nambxv01a.corp.adobe.com>
Just thinking about this more. How about two headers:

content-type: 
content-type-verified:

(I started with 'verified-content-type' but there is some belief that
'content-' headers stay associated with the MIME body and are rewritten
when the content is transformed but otherwise not, while other headers
are hop-to-hop or end-to-end but connected with the transmission.)


these two headers SHOULD be the same. If they're the same, the receiver
can rely on the content-type and must not sniff.  If there's only
content-type, then the sender hasn't verified the content-type and
receiver MAY sniff (but only within well-known and established rules.)

If they are different, then the content-type has been modified by
some unaware intermediary which has modified the content-type
without changing the "content-type-verified". In this case, the
receiver should accept the content-type as authoritative, since
the content-type transformation wasn't done unknowingly.

This might give a way of introducing out-out sniffing. Again,
this only works if the receivers which follow this protocol
are well-deployed in the field before any senders start sending
"content-type-verified".

Those write recievers believe (rightfully) that they have the last word, set the standard, get to do whatever they want, so that a "processing rule" may or may not actually be meaningful.  There are too many different kinds of receivers, not just browsers, but search engines CDNs, etc.

A server telling them what to do with a processing rule "sniffing: opt-out" ... well, it's bound to be ignored. 

However, if the sender is just telling the receiver MORE information, that has different semantics. Operationally, though, this is equivalent to the other proposal.

Larry
--
http://larry.masinter.net


Received on Tuesday, 1 February 2011 22:54:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:30 GMT