Re: Redirection Chains from Mary Ellen Zurko on 2008-06-11 (public-wsc-wg@w3.org from June 2008)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Wed, 11 Jun 2008 10:29:02 -0400
To: "Thomas Roessler <tlr" <tlr@w3.org>
Cc: johnath@mozilla.com,public-wsc-wg@w3.org
Message-ID: <OF4669D9E0.C1A7E854-ON85257465.004F6E1B-85257465.004F8D77@LocalDomain>

> Johnath, you note:
> 
> >Note that this applies whether or not the resource in which the
> >non-interactive chain of
> >
> >    * redirections terminates is TLS protected in any manner. In
> >    particular, even if the retrieval of the final resource in the
> >    chain of redirections is strongly TLS protected, clients MUST
> >    signal an error. Also note that this section is not limited to
> >    HTTP level redirection mechanisms; it also covers redirections
> >    that are caused by scripting or HTML constructs. 
> > 
> >This section is confusing since it suggests that we are signalling
> >an error, not a warning as mentioned above. It's also not clear how
> >to interpret this text in light of things like image transfers
> >which, if they occurred over unprotected connections would be cause
> >for mixed mode treatment, but not warnings or errors. I can't
> >declare conformance here at the moment, given these confusions.
> 
> http://www.w3.org/2006/WSC/wiki/Firefox_3.0_Conformance_with_June_LC
> 
> The "signal an error" language is old, and preceded the introduction
> of the different error signalling levels, if I recall correctly.

Do we have an action tracking fixing this language?

Received on Wednesday, 11 June 2008 14:43:33 UTC