ok .. I created https://github.com/w3c/webappsec/pull/371 Unless there is strong objection, I think we should go with this. On 18 May 2015 at 15:22, Joel Weinberger <jww@chromium.org> wrote: > "MAY" certainly covers the plans for our implementation, so it works for > me. I'd like to know, though, if any UA actually plans not to follow this > directive. If not, than I don't really see the point of a "MAY" vs "SHOULD" > or "MUST." But, yeah, I'm fine with this in any case. > --Joel > > PS: I'm on vacation until next week, so I'll be quite slow to respond at > times. My apologies! > > On Tue, May 19, 2015 at 5:29 AM, Devdatta Akhawe <dev.akhawe@gmail.com> > wrote: > >> Given that there is some disagreement about this, I don't think we gain >> anything by asserting that. As I mentioned, I can imagine a UA doing this >> to encourage migration. >> >> On 18 May 2015 at 08:39, Gervase Markham <gerv@mozilla.org> wrote: >> >>> On 18/05/15 16:33, Devdatta Akhawe wrote: >>> > I thought the MAY gave flexibility to UAs. Does it not? >>> >>> It does; but I always think that when a spec says "MAY", it means a bit >>> more than "You MAY consider the moon to be made of green cheese"; i.e. >>> there are circumstances where the MAY might be a good idea. I'm not sure >>> I can think of any circumstances where a UA would decide to block loads >>> due to out-of-date integrity hash algorithms, given that the >>> no-integrity behaviour is to load regardless. >>> >>> Gerv >>> >> >> >
Received on Monday, 18 May 2015 22:44:56 UTC