- From: Mark Nottingham <mnot@mnot.net>
- Date: Mon, 26 Nov 2007 15:38:53 -0800
- To: Henrik Nordstrom <henrik@henriknordstrom.net>
- Cc: Bjoern Hoehrmann <derhoermi@gmx.net>, ietf-http-wg@w3.org
We've also briefly discussed folding RFC2145 into 2616bis, or at least expanding upon the reference to make it more prominent and give more context. On 23/11/2007, at 2:17 PM, Henrik Nordstrom wrote: > On fre, 2007-11-23 at 18:23 +0100, Bjoern Hoehrmann wrote: > >> Your reading of the specification requires to assume that it does not >> explicitly discuss this case for a reason. However, it might just not >> discuss it because the case has been overlooked, and some would see >> the conflicting implementation behavior as security problem. I >> disagree >> that doing nothing about this in the specification is the best >> course of >> action. > > I am fine with adding yet another comment mentioning that for > interoperbility reasons HTTP/1.1 implementations SHOULD follow the > HTTP/1.1 specifications even if seeing HTTP/1.0 messages except where > specifically noted in the HTTP/1.1 specifications. HTTP/1.1 > clients or > servers SHOULD NOT downgrade their implementation to the informal > HTTP/1.0 specification when seeing an HTTP/1.0 message but continue > processing that message according to the rules defined in the HTTP/1.1 > specifications. > > Would that solve your concerns in terms of specifications? > > Regards > Henrik -- Mark Nottingham http://www.mnot.net/
Received on Monday, 26 November 2007 23:39:11 UTC