- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 21 Mar 2014 09:13:28 +0100
- To: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- CC: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, Gabriel Montenegro <gabriel.montenegro@microsoft.com>
On 2014-03-21 08:59, Nicolas Mailhot wrote: > ... >> My concerns are the same as when this was presented first: how does this >> help? >> >> I hear that it makes security checks more reliable, but then, you can't >> rely on the header field being accurate > > There is a difference between working in heuristics mode all the time with > crossed fingers and rabbit legs and working in deterministic mode with > simple error handling (and error handling can be abort when what the other > node declares and what you receive are different – much more secure than > generalized guesswork) So how *exactly* does the header field help you in deciding whether to be in heuristics mode or not? Best regards, Julian
Received on Friday, 21 March 2014 08:14:05 UTC