Re: security impact of dropping charset default

On Wed, 23 Jan 2008, Julian Reschke wrote:

> Anne van Kesteren wrote:
> > What does deprecate mean? If support for UTF-7 can't be removed then
> > deprecating it will hardly matter. (I'm not sure whether support can or
> > can not be removed, but I'd expect there to be content to rely on it.)
> > Roy's suggestion of not sniffing for it seems like better advice to
> > implementors than a notion of it being deprecated.
>
> Understood and agreed -- but where does that advice belong? HTML5
> or HTTPbis? I would have thought the former...

It seems to me that if there is a known security exposure for applications
built on HTTP, then the httpbis document should at the minimum note the
issue and provide a reference to the details. Seems like appropriate
content for the security section.

Dave Morris

Received on Wednesday, 23 January 2008 17:08:56 UTC