- From: Andreas Petersson <andreas@sbin.se>
- Date: Mon, 14 May 2012 17:19:29 +0200
- To: apps-discuss@ietf.org
- Cc: ietf-http-wg@w3.org
- Message-ID: <20120514171929.647b92db@hetzer>
On Tue, 01 May 2012 19:26:50 +0100
Alexey Melnikov <alexey.melnikov@isode.com> wrote:
> Dear WG participants,
> I would like to initiate WG Last Call on
> draft-ietf-appsawg-http-forwarded-02.txt ("Forwarded HTTP Extension").
> Please send your reviews, as well as expressions of support regarding
> document readiness for IESG (or not) either to the mailing list, or
> directly to WG chairs (Murray Kucherawy <msk@cloudmark.com> and myself).
> Comments like "I've read the document and it is Ok to publish" or "I've
> read the document and it has the following issues" are useful and would
> be gratefully accepted by chairs.
>
> The WGLC will end on Friday, May 18th.
We are closing in on May 18:th now. We have got plenty of good input.
To summarize, I have made a preliminary change log, covering things
that has been discussed this far. I will also mention ideas that we do
not intend to incorporate in this document.
If you have suggested something that is not in the list below I may
have missed that, please send a reminder to me in such case.
If you disagree with something in the list or have other ideas, please
let me know.
*** Intended changes ***
1.1, Section 4: Clearly mention that IPv6-addresses must be quoted.
Also show this in examples. This also applies to IPv4 addresses
when the port is specified.
1.2, Section 4: Have a less complex example. Also, make sure that the
quote is placed on the right side of the "=".
1.3, Section 4: Add a note that a proxy can also add a new
"Forwarded: .."-line, as this is equivalent.
1.4, Section 5.*: Remove some MAY-references.
1.5, Section 5.1: Add a note that the by-parameter may be useful in a
multi-homed environment.
1.6, Section 5.2: Add a note that in some situations it is more relevant
to read the address of the last proxy in the last
Forwarded-by-field.
1.7, Section 5.2: Formulate paragraph 1 to include that the information
is not only regarding the initiating client. Also change "user
agent" to "client".
1.8, Section 5.5: Change the requirement to notify IANA into:
>"It is possible to register additional parameters using the IANA
>registration policy described in [RFC3864]"
1.9, Section 6: Require obfport to start with an underscore.
1.10, Section 6 & 6.3: Include "[:._-]" as valid characters in obfnode
and obfport.
1.11, Section 6.1: s/zero compression/compression of zeroes/
1.12, Section 6.1: s/IPv6 adress/IPv6 address/
1.13, Section 7: Add some notes on when the header should be preserved
or not. Duscussed under #7:
http://www.ietf.org/mail-archive/web/apps-discuss/current/msg05535.html
1.14, Section 7: Note that this header field is not possible to combine
with the information from the via-header field with certainty.
1.15, Section 7.1: Remove the word "correctly" from:
"[...] information might not be correctly updated [...]"
1.16, Section 7.x: Encourage proxies to convert X-Forwarded-*
when possible.
1.17, Section 8.2: Add the text W. Tarreau mentions:
(with the change of must -> should in the first sentence)
> This header field should never be copied into response messages by
> origin servers or intermediaries for whatever reason as it can reveal
> the whole proxy chain to the client. As a side effect, special care
> must be taken in hosting environments not to allow the TRACE request
> where the Forwarded field is used, as it would appear in the body of
> the response message.
1.18, Section 8: Add a section or a note about privacy considerations.
*** Suggestions we intend NOT to incorporate ***
(somewhat incomplete)
2.1, TCP-options. This can be standardized in a separate document.
2.2, Complex transition schemes.
Best regards,
Andreas Petersson
Received on Monday, 14 May 2012 15:20:16 UTC