W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Indicating Chosen Service #443

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 25 Apr 2014 11:40:35 -0700
Message-ID: <CABkgnnW1sFVNJma4XcKn76wZPAQ5KhbK-343PdKCQdmT=ZF7_g@mail.gmail.com>
To: Erik Nygren <erik@nygren.org>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On 25 April 2014 11:08, Erik Nygren <erik@nygren.org> wrote:
> Given that the ALTSVC name isn't associated with the cert name, the
> highentropylabel could exist across multiple labels.  There are also
> legitimate uses for wanting to know the first domain component (eg, if it is
> routing information or the name of the server cluster the user was sent to).

Yes, I thought of that, but there are practical limits to what can be
done for labels that can't be covered by a wildcard.  It's certainly
imperfect.

Perhaps the best thing to do is provide security (privacy)
considerations on the matter.  I think that we can safely scrub the
expiration time.

I think that ideally, I'd like to make the indicator optional.  What
are the consequences for you if some clients follow ALTSVC but don't
provide an indicator?
Received on Friday, 25 April 2014 18:41:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:30 UTC