W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: #552: allow privacy proxies to be conformant

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Wed, 29 Jan 2014 20:08:24 +0100
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <pljie99jcmd0mjngjlqf61go6k03bk9lm9@hive.bjoern.hoehrmann.de>
* Roy T. Fielding wrote:
>I think that the above text (which is broader than the specific header
>field requirements in RFC2616) can be improved by replacing it with the
>following text:
>   A proxy MUST NOT modify header fields that provide information about
>   the end points of the communication chain, the resource state, or the
>   selected representation (other than those necessary to describe how
>   the payload has been transformed). However, an exception to this
>   requirement applies to proxies that are specifically configured to
>   remove or filter header fields for the sake of privacy or security.
>   The person or organization selecting the proxy is presumed to have
>   control over its configuration.

This reads as though addition and manipulation of headers is not allowed
but it seems you mean to allow that; perhaps "remove, add, or modify"?

Editorially I think it would be better to have some qualifier at "proxy"
to hint at the exception, like "Ordinary proxies MUST NOT ... the only
exception ...".

Also, you say "an exception" suggesting there might be other exceptions.

Other than that, I think the text is okay.
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Wednesday, 29 January 2014 19:08:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:23 UTC