- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 21 Aug 2009 08:14:38 +0200
- To: "Roy T. Fielding" <fielding@gbiv.com>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Roy T. Fielding wrote:
> On Aug 20, 2009, at 4:50 AM, Julian Reschke wrote:
>
>> so the proposal is to fix the Upgrade Token Registry contents
>> (<http://www.iana.org/assignments/http-upgrade-tokens/>) to say:
>>
>> -- snip --
>> Value Description Reference
>>
>> HTTP Hypertext Transfer Protocol [RFC2616]
>> TLS/1.0 Transport Layer Security [RFC2817]
>> WebSocket The Web Socket Protocol [draft-hixie-thewebsocketprotocol]
>> -- snip --
>
> No, that TLS/1.0 is not valid. The token is TLS.
> ...
Roy,
we just discussed this very issue and came to the conclusion that the
registry can contain both simple tokens and token + version
combinations. In particular, the registry procedure in RFC 2817
(<http://tools.ietf.org/html/rfc2817#section-7.2>) says:
6. The responsible party for the first registration of a "product"
token MUST approve later registrations of a "version" token
together with that "product" token before they can be registered."
...which indicates that the registry can hold both. I imagine the
purpose is that individual entries for different versions can point to
different specifications.
As HTTPbis Part 1 now takes over the registry for Upgrade Tokens we can
of course fix this, in which case we should re-open issue 172
(<http://trac.tools.ietf.org/wg/httpbis/trac/ticket/172>).
With respect to TLS and the registration, RFC 2817 clearly is confused,
as it says:
This specification defines the protocol token "TLS/1.0" as the
identifier for the protocol specified by The TLS Protocol [6].
...although "TLS/1.0" is a token + version, not a simple token.
If we do agree that this should just have said "TLS", we of course can
submit an erratum to RFC2817, and adjust the registry contents as well.
BR, Julian
Received on Friday, 21 August 2009 06:15:23 UTC