Re: Working Group Last Call: Encrypted Content-Encoding for HTTP

--------
In message <CABkgnnVsJpLntah=JpFeU1m3HYPrh+zngfDfffujFowckdDweQ@mail.gmail.com>
, Martin Thomson writes:
>On 7 June 2016 at 17:10, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>> I propose that we do not use URIs as keyid in any of the examples,
>> but rather plain strings with no overloaded context such as
>> keyid="key01294".
>
>Aw, you picked up on my terrible examples.  I think that I might have
>thought that the mailto: one was a good enough signal, or that the
>lack of an 's' in http:// was enough to make someone think twice.  But
>you are right, people just aren't always that smart.
>
>For you: https://github.com/httpwg/http-extensions/pull/196

keyid as "sequence of octets" sounds too liberal to me, do you really
want to allow SOH, NL and ESC ?

I thought there were a canonical ABNF for a string element of a HTTP
header we could lean on somewhere ?



-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Wednesday, 8 June 2016 06:04:42 UTC