- From: Jeffrey Mogul <Jeff.Mogul@hp.com>
- Date: Mon, 22 Feb 2010 14:51:44 -0800
- To: Joe Orton <joe@manyfish.co.uk>
- cc: ietf-http-wg@w3.org, Jeff.Mogul@hp.com
Just an FYI: before anyone fiddles with the Expect/Continue
mechanism, you should definitely read this paper:
@INPROCEEDINGS{Bradley02safecomposition,
author = {Adam D. Bradley and Azer Bestavros and Assaf J. Kfoury},
title = {Safe Composition of Web Communication Protocols for Extensible
Edge Services},
booktitle = {In Workshop on Web Caching and Content Delivery (WCW},
year = {2002}
}
Available via:
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.9.2854
The title is a bit of a red herring; the paper is mostly about
the specific case of the Expect/Continue mechanism. In particular,
very subtle issues can create deadlocks when trying to interoperate
between proxies, clients, and servers implementing slightly different
versions of Expect/Continue.
I wouldn't expect the working group to use the same formal-verification
techniques that these authors used (not that it would be a bad idea
to do so, just that I don't think it will happen), but at least
people should try to understand the causes of the problems exposed
by this paper, before changing anything here.
-Jeff
Received on Monday, 22 February 2010 22:52:48 UTC