Éric Vyncke's No Objection on draft-ietf-httpbis-semantics-16: (with COMMENT) from Éric Vyncke via Datatracker on 2021-06-11 (ietf-http-wg@w3.org from April to June 2021)

From: Éric Vyncke via Datatracker <noreply@ietf.org>
Date: Fri, 11 Jun 2021 07:18:47 -0700
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-httpbis-semantics@ietf.org, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, tpauly@apple.com, tpauly@apple.com
Message-ID: <162342112733.16714.3140420793759740339@ietfa.amsl.com>

Éric Vyncke has entered the following ballot position for
draft-ietf-httpbis-semantics-16: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-semantics/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for the work put into this document.

Martin Duke wrote a nice sentence that fits my experience with this document:
"As someone who has learned HTTP via osmosis, it was very helpful to finally
read it all collected in one place".

Please find below some non-blocking COMMENT points (but replies would be
appreciated), and some nits.

I hope that this helps to improve the document,

Regards,

-éric

== COMMENTS ==

Is there any reason why the 'Forwarded' header (RFC 7239) is not listed ?

-- Section 3.3 --
"As a result, a server MUST NOT assume that two requests ..." unsure about the
use of "as a result" as this paragraph is not really a conclusion of the
previous §. Suggest to remove "As a result".

-- Section 3.9 --
Strongly suggest to update the example by avoiding OpenSSL/0.9.71 as its TLS
version is probably insecure (or even historic) ;-)

-- Section 4.3.3 --
2nd and 3rd § differ as it seems that only H/2 and H/3 accept cert with several
entries. AFAIK, H/1 also accepts several subject names in on cert.

3rd § I am afraid that the meaning of the text about DNS query has completely
escaped me :-(

-- Section 4.3.4 --
Should there be a reference to "CN-ID" ?

-- Section 4.3.5 --
I quickly read the relevant sections of RFC 3986 and RFC 5280 but I cannot find
the information on whether 1/ IPv6 link-local 2/ IPv6 ULA addresses are valid
and how to verify them. Should there some text in this section ?

== NITS ==

-- Section 7.2 --
References to H/2 and H/3 have previously be given, no need to repeat ?

Received on Friday, 11 June 2021 14:20:00 UTC