- From: Yves Lafon <ylafon@w3.org>
- Date: Tue, 14 Oct 2008 10:37:08 -0400 (EDT)
- To: Brian Smith <brian@briansmith.org>
- cc: 'Stefanos Harhalakis' <v13@v13.gr>, 'Julian Reschke' <julian.reschke@gmx.de>, ietf-http-wg@w3.org
On Mon, 13 Oct 2008, Brian Smith wrote: > Yves Lafon wrote: >> On Sun, 12 Oct 2008, Stefanos Harhalakis wrote: >> In the same vein, refusing overlapping range request that >> would be bigger than exporting the whole document (and >> serving the document instead) seems to be a sane >> implementation choice, but the spec shouldn't cover all >> those corner cases, IMHO. > > I agree that the specification doesn't need to be ammended to allow the > server to refuse these requests since the server can already refuse them. > However, it should be mentioned in the security considerations. Agreed. and it's the case for all known security issues. -- Baroula que barouleras, au tiéu toujou t'entourneras. ~~Yves
Received on Tuesday, 14 October 2008 14:37:24 UTC