- From: William A. Rowe, Jr. <wrowe@rowe-clan.net>
- Date: Thu, 04 Jan 2007 15:24:13 -0600
- To: "Travis Snoozy (Volt)" <a-travis@microsoft.com>
- CC: Paul Leach <paulle@windows.microsoft.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Travis Snoozy (Volt) wrote: > ... but that is then inconsiderate of anyone who is reading the spec from > scratch, is it not? And since this *does* center around a MUST-level > requirement, I for one think it's very important to fix. Even though the > likely intent is clear to anyone who thinks about it long enough, what the > spec *says* will cause clients that do the sane thing to be non-conformant. I read a MUST-NOT, not a MUST. If there is no way to infer the user-agent's preference, do not present an Accept-Language header. This statement applies, in equal part, to an endpoint client agent as well as any middle layer agent. > On the other hand, I don't think that anyone really cares if their > client/server is "HTTP/1.1 conformant" at this point. I would choose words more wisely when emailing from a work account. Developers at Apache, Mozilla, certainly even at Microsoft do pay close attention to the specification. What they choose to do from that point forward is their own foolishness. The risk is that conformant++ behavior often becomes --conformant in actual practice, witness the attempt to be more forgiving of spaces between header fields and the separating colon of header strings, and the resulting HTTP request spoofing vulnerabilities between varying vendor agent implementations.
Received on Thursday, 4 January 2007 21:24:40 UTC