- From: Adrien de Croy <adrien@qbik.com>
- Date: Wed, 08 Aug 2007 10:40:56 +1200
- To: HTTP Working Group <ietf-http-wg@w3.org>
Julian Reschke wrote: > > In general, I think all methods should be allowed unless proven to be > a security problem. > I think there's a compelling argument to be made for denying all methods unless proven (or at least strongly believed) to be safe. Waiting for something to be proven unsafe isn't safe. If I were MS, I would definitely adopt the more cautious approach. -- Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Tuesday, 7 August 2007 22:40:35 UTC