- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 1 Mar 2016 12:08:28 +0100
- To: Mark Nottingham <mnot@mnot.net>, Barry Leiba <barryleiba@computer.org>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP WG <ietf-http-wg@w3.org>
On 2016-02-28 16:41, Julian Reschke wrote: > ... >> A registry doesn't feel right because this isn't a protocol element. >> This isn't an extension in the usual sense; it's a controlled >> loosening of the spec's (security-sensitive) requirements. >> >> However, it doesn't seem like 'updates' is the right way to do this >> either. Upon reflection, I wonder if we really need either property >> (at least in such a rigorous form); people will find the mechanisms if >> they get implemented, and we've been happy to have OppSec as >> Experimental. >> >> Anyone have a problem with dropping this? >> >> """ >> Other means of establishing them MUST be documented in an RFC that >> updates this specification. >> """ > > Sounds right to me. > > Best regards, Julian As I heard no pushback I've done this in <https://github.com/httpwg/http-extensions/commit/6b1cc1995538fde23241ed4d89725f4e9a62b3ec>. I plan to submit a new draft later today (which then would go to the IESG). Best regards, Julian
Received on Tuesday, 1 March 2016 11:09:11 UTC