Re: [minutes] CT Call Tuesday 6 May 2008 Open AI from Francois Daoust on 2008-05-13 (public-bpwg-ct@w3.org from May 2008)

From: Francois Daoust <fd@w3.org>
Date: Tue, 13 May 2008 10:18:51 +0200
To: "Gerlach, Heiko, VF-Group" <Heiko.Gerlach@vodafone.com>
CC: public-bpwg-ct@w3.org
Message-ID: <48294EEB.9030606@w3.org>

Thanks for the pointer Heiko,

I tend to think that, as a result of last weeks discussions, the 
one-time URI problem is already being addressed in the guidelines - as 
much as is possible, that is:
- we've put the emphasis to warn CT-vendors that issuing two requests 
instead of one should be avoided whenever possible.
- that's the typical case where the server has to add a Cache-Control: 
no-transform directive in the response.

I understand that means existing content may break, but the only other 
solution would be to state that only one request has to be sent by the 
CT-proxy and we'd re-enter the headers spoofing problem.

Plus: one-time URIs are not a "correct" use of HTTP. Even without 
content transformation, there is nothing that guarantees that the user 
actually received the response.

François.


Gerlach, Heiko, VF-Group wrote:
> Hi All,
> 
> Yesterday we discussed the isseu with the One Time Urls. We already 
> discussed it here.
> _http://lists.w3.org/Archives/Member/member-bpwg/2007Dec/0006.html_
> 
> Cheers
> 
> 
> *Heiko Gerlach*
> *Vendor Manager / Product Owner*
> *Global Consumer Internet Services & Platforms*
> *Tel: +49 211 820 2168*
> *Fax: +49 211 820 2141*
> *Mobile +49 172 20 40 50 7* 
> *E-Mail:* ___*heiko.gerlach@vodafone.com*_ 
> <mailto:heiko.gerlach@vodafone.com>** 
> * *
> 
> Vodafone Group Services GmbH
> Mannesmannufer 2, D-40213 Düsseldorf
> Amtsgericht Düsseldorf, HRB 53554
> Geschäftsführung: Dr. Joachim Peters, Rainer Wallek
>  
>  
> This message and any files or documents attached are confidential and 
> may also be legally privileged or protected by other legal rules. It is 
> intended only for the individual or entity named. If you are not the 
> named addressee or you have received this email in error, please inform 
> the sender immediately, delete it from your system and do not copy or 
> disclose it or its contents or use it for any purpose. Thank you.  
> Please also note that transmission cannot be guaranteed to be secure or 
> error-free.
> 
> *P* Please consider your environmental responsibility before printing 
> this e-mail
>  
>  
>

Received on Tuesday, 13 May 2008 08:19:23 UTC