- From: Orie Steele via Datatracker <noreply@ietf.org>
- Date: Mon, 17 Feb 2025 14:27:15 -0800
- To: "The IESG" <iesg@ietf.org>
- Cc: draft-ietf-httpbis-rfc6265bis@ietf.org, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, mnot@mnot.net, mnot@mnot.net
Orie Steele has entered the following ballot position for draft-ietf-httpbis-rfc6265bis-19: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # Orie Steele, ART AD, comments for draft-ietf-httpbis-rfc6265bis-19 CC @OR13 * line numbers: - https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-19.txt&submitcheck=True * comment syntax: - https://github.com/mnot/ietf-comments/blob/main/format.md * "Handling Ballot Positions": - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/ ## Comments Thank you to Claudio Allocchio for the ARTART review. ### What year is it? I suspect I'm about to embarrass myself with ABNF yet again... ``` 598 NOTE: Some existing user agents differ in their interpretation of 599 two-digit years. To avoid compatibility issues, servers SHOULD use 600 the rfc1123-date format, which requires a four-digit year. ``` later: ``` 911 year = 2*4DIGIT [ non-digit *OCTET ] ``` https://datatracker.ietf.org/doc/html/rfc1123#page-55 Perhaps a better reference than "rfc1123-date" Would be: https://datatracker.ietf.org/doc/html/rfc6265#section-5.1.1 ? I tripped on this ABNF, because: https://www.rfc-editor.org/rfc/rfc3339.html#section-5.6 ``` date-fullyear = 4DIGIT ``` https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.1.1 ``` year = 4DIGIT ``` https://datatracker.ietf.org/doc/html/rfc9110#section-5.6.7 ``` year = 4DIGIT ``` https://datatracker.ietf.org/doc/html/rfc9165#section-3-7 ``` date-fullyear = 4DIGIT ``` Is "2*4DIGIT [ non-digit *OCTET ]" the correct way to signal the decimal numbers expected in cookies for year? I suspect this is leftover from the 2 digit year case. which was: https://datatracker.ietf.org/doc/html/rfc822#section-5.1 ``` date = 1*2DIGIT month 2DIGIT ``` And was updated to: ``` date = 1*2DIGIT month 2*4DIGIT ``` But why is it not one of these: ``` date = 1*2DIGIT month 1*4DIGIT date = 1*2DIGIT month 4DIGIT ``` ## Nits ### BCP14 update ``` 216 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 217 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 218 document are to be interpreted as described in [RFC2119]. ``` vvvv ``` The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. ```
Received on Monday, 17 February 2025 22:27:20 UTC