Re: [minutes] CT Call Tuesday 6 May 2008 Open AI

Thanks for the pointer Heiko,

I tend to think that, as a result of last weeks discussions, the 
one-time URI problem is already being addressed in the guidelines - as 
much as is possible, that is:
- we've put the emphasis to warn CT-vendors that issuing two requests 
instead of one should be avoided whenever possible.
- that's the typical case where the server has to add a Cache-Control: 
no-transform directive in the response.

I understand that means existing content may break, but the only other 
solution would be to state that only one request has to be sent by the 
CT-proxy and we'd re-enter the headers spoofing problem.

Plus: one-time URIs are not a "correct" use of HTTP. Even without 
content transformation, there is nothing that guarantees that the user 
actually received the response.


Gerlach, Heiko, VF-Group wrote:
> Hi All,
> Yesterday we discussed the isseu with the One Time Urls. We already 
> discussed it here.
> _
> Cheers
> *Heiko Gerlach*
> *Vendor Manager / Product Owner*
> *Global Consumer Internet Services & Platforms*
> *Tel: +49 211 820 2168*
> *Fax: +49 211 820 2141*
> *Mobile +49 172 20 40 50 7* 
> *E-Mail:* ___**_ 
> <>** 
> * *
> Vodafone Group Services GmbH
> Mannesmannufer 2, D-40213 Düsseldorf
> Amtsgericht Düsseldorf, HRB 53554
> Geschäftsführung: Dr. Joachim Peters, Rainer Wallek
> This message and any files or documents attached are confidential and 
> may also be legally privileged or protected by other legal rules. It is 
> intended only for the individual or entity named. If you are not the 
> named addressee or you have received this email in error, please inform 
> the sender immediately, delete it from your system and do not copy or 
> disclose it or its contents or use it for any purpose. Thank you.  
> Please also note that transmission cannot be guaranteed to be secure or 
> error-free.
> *P* Please consider your environmental responsibility before printing 
> this e-mail

Received on Tuesday, 13 May 2008 08:19:23 UTC