- From: Henry S. Thompson <ht@inf.ed.ac.uk>
- Date: Wed, 09 Jun 2010 13:47:52 +0100
- To: ietf-http-wg@w3.org
- Cc: Mark Nottingham <mnot@mnot.net>, public-html@w3.org, www-tag@w3.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Further to the TAG's suggestion in [1] regarding 'sniffing', and replies from Yves Lafon [2] and Mark Nottingham [3], the TAG has asked me to convey our thanks for your willingness to reopen this issue. With some minor adjustments, we are happy that the text proposed at [2] addresses most of our concerns. We suggest the following two minor changes: does not correctly identify the content sent --> does not reflect the intended interpretation of the content sent and Such recipients SHOULD NOT --> Recipients SHOULD NOT We would however prefer that something about this issue also remain in section 3.1.2. Perhaps keep If the Content-Type header field is present, a recipient which interprets the underlying data in a way inconsistent with the specified media type risks drawing incorrect conclusions. in 3.1.2, adding something along the lines of "See [7.3] for a related security issue.", but we are happy to leave this to your editorial discretion. We are less happy with the proposed addition suggested by Mark in [3], on the grounds that it a) implies that documents have media types in some intrinsic way, which we think is at best misleading, and that b) the straw men it sets up will in fact be counterproductive. ht, on behalf of the TAG [1] http://lists.w3.org/Archives/Public/public-html/2010Mar/0493.html [2] http://lists.w3.org/Archives/Public/public-html/2010Mar/0659.html [3] http://lists.w3.org/Archives/Public/public-html/2010May/0330.html [This message pertains to TAG ACTION-370] - -- Henry S. Thompson, School of Informatics, University of Edinburgh 10 Crichton Street, Edinburgh EH8 9AB, SCOTLAND -- (44) 131 650-4440 Fax: (44) 131 651-1426, e-mail: ht@inf.ed.ac.uk URL: http://www.ltg.ed.ac.uk/~ht/ [mail from me _always_ has a .sig like this -- mail without it is forged spam] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFMD414kjnJixAXWBoRAr4EAJ9W4zFN1SywFjfMG8QQtXAiPPmaIwCfbAw2 rZ/VkbMn24RAI2S6OoMUDWU= =dhkn -----END PGP SIGNATURE-----
Received on Wednesday, 9 June 2010 12:48:25 UTC