- From: Ben Campbell <ben@nostrum.com>
- Date: Wed, 19 Dec 2018 15:58:39 -0800
- To: "The IESG" <iesg@ietf.org>
- Cc: draft-ietf-httpbis-cdn-loop@ietf.org, Patrick McManus <mcmanus@ducksong.com>, Tommy Pauly <tpauly@apple.com>, httpbis-chairs@ietf.org, tpauly@apple.com, ietf-http-wg@w3.org
Ben Campbell has entered the following ballot position for draft-ietf-httpbis-cdn-loop-01: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-httpbis-cdn-loop/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- *** Substantive Comments *** I agree with Alissa's comments, and Adam's comments about configurations that intentionally cross a CDN more than once. - abstract: The abstract could use some more meat. What does the new header accomplish? §2: -- first paragraph: Seems like this header helps "detect" loops, rather than "prevent" them. -- last paragraph: "To be effective, intermediaries - including Content Delivery Networks - MUST NOT remove this header field," Does that put normative requirements on things that do not implement the spec? §3, first paragraph: How can CDNs stop their customer from modifying the header? ** Editorial Comments *** §1, -- 4th paragraph: "loops between multiple CDNs be used as an attack vector" Missing word(s) around "CDNs be"? -- last paragraph: The last sentence os convoluted. Can it be broken into simpler sentences?
Received on Wednesday, 19 December 2018 23:59:03 UTC