- From: Frank Ellermann <nobody@xyzzy.claranet.de>
- Date: Wed, 23 Jan 2008 21:09:45 +0100
- To: ietf-http-wg@w3.org
Julian Reschke wrote: > I'm not totally opposed to mentioning this, but I'd really like > to understand how the intended change changes the situation... I think the subject is misleading: Whatever the default is, MIME ASCII (or the dubious Latin-1), for authors it's an excuse where they might get away without stating explicitly within their text/* documents what it is, because the documents really are ASCII (or Latin-1 for RFC 2616). For clients the wannabe-default is actually no reliable info, if they need to know what it is they check it *assuming* ASCII (or Latin-1) until they get to a point where it's either clear what it is, or where the assumption is apparently okay, or where they decide that they have no clue what it is, but certainly not the wannabe-default. In other words I think that the UTF-7 observation is a separate new issue unrelated to default ASCII / Latin-1 / UTF-8, because UTF-7 could be (mis-)interpreted as subset of of these defaults. And if that deserves a paragraph with MUSTard in the security considerations, then this doesn't depend on what the default is. Frank
Received on Wednesday, 23 January 2008 20:09:48 UTC