On Wed, Jun 24, 2009 at 10:55 PM, Adam Barth<w3c@adambarth.com> wrote: > On Wed, Jun 24, 2009 at 10:46 PM, Mark Nottingham<mnot@mnot.net> wrote: >> Do you have a spec for sec-from? > > http://tools.ietf.org/html/draft-abarth-origin-01 > > This draft addresses the technical feedback I have receive on the -00 > version of the draft. As I said in the previous email, I'm going to > try to reply to all the outstanding emails in the next couple of days. Turns out my folder of outstanding issues was mostly individual emails. I had an outstanding request for data from this WG on the number of internal-to-external POST requests. Out of a sample of one million HTTP requests from an enterprise firewall: 1) 6% of the GET+POST requests were POST. 2) 10% of POSTs are cross-host. 3) There was exactly one POST from an internal host to an external host. Caveats: I can't see HTTPS traffic with this methodology. Different enterprises might be different. The enterprise in question does trip the Referer header (although I collected the data prior to stripping). AdamReceived on Sunday, 28 June 2009 23:13:07 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC