Re: Skipping DNS resolutions with ORIGIN frame

> On 18 Jul 2017, at 4:59 pm, Eric Rescorla <> wrote:
> This language seems a bit confusing. Usually, MUSTs are intended to impose requirements on the server, but there's no way for the server to know if they are meeting client expectations. One could of course invert this to make it a requirement on clients, but then it's just a tautology that the client has to enforce client policies. 

Yeah. Like I said, we don't usually specify this sort of detail in HTTP-land, hence the vagueness. We can change that, of course.

Mark Nottingham

Received on Tuesday, 18 July 2017 15:02:25 UTC