- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 10 Jan 2016 17:22:29 +0100
- To: Hervé Ruellan <herve.ruellan@crf.canon.fr>, HTTP Working Group <ietf-http-wg@w3.org>
On 2015-12-15 16:35, Hervé Ruellan wrote: > ... >> 2) In >> <https://github.com/hruellan/http-extensions/commit/fabd0943cde7e8af07f20b74acc2e48ac16e5f3e>, >> >> Hervé proposes a change that IMHO is not editorial as it affects a >> normative requirement. Feedback appreciated. > > Yes, this affects a normative requirement. However my proposed addition > is already in the spec, in the third paragraph of "9.2 Changing Hosts", > which is referring to 2.1. I find it better to have the whole > description in 2.1. > ... I just noticed that I failed to reply to this. The proposed change is to replace "Clients MUST NOT use alternative services with a host that is different from the origin's without strong server authentication; ...." by "Clients MUST NOT use an alternative service with a host that is different than the origin's without strong server authentication linking the alternative service with the origin's identity. ..." My remaining concern is that "...linking the alternative service with the origin's identity..." might not sufficiently precise for a normative requirement. More feedback appreciated. Best regards, Julian
Received on Sunday, 10 January 2016 16:22:52 UTC