IETF Logo Mail Archive

Re: [apps-discuss] Fwd: I-D Action: draft-nottingham-http-browser-hints-02.txt

Dzonatas Sol <dzonatas@gmail.com> Wed, 01 June 2011 23:13 UTC

Return-Path: <dzonatas@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AB02E06FA for <apps-discuss@ietfa.amsl.com>; Wed, 1 Jun 2011 16:13:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.023
X-Spam-Level:
X-Spam-Status: No, score=-4.023 tagged_above=-999 required=5 tests=[AWL=-2.384, BAYES_00=-2.599, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7OB4+BcHr89A for <apps-discuss@ietfa.amsl.com>; Wed, 1 Jun 2011 16:13:30 -0700 (PDT)
Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 9EFEBE0678 for <apps-discuss@ietf.org>; Wed, 1 Jun 2011 16:13:30 -0700 (PDT)
Received: by pwi5 with SMTP id 5so271223pwi.31 for <apps-discuss@ietf.org>; Wed, 01 Jun 2011 16:13:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=K3AmqB6IuIsoJPe64eSCR/eKsOxi6+t9yL28Jaiu2JY=; b=o98ve1GlIz50l4QD/PeGv99ljsKgxaJhSKQkk7ZbmhUm9SU9iLkSqr/dJDMxjtm8Lg NXy/I+nJZq+4rctd6RjMLxaQsAoDOHdoIF/X2m8cr5n5pgo8pU1DJ43hQkQpcdUWcoJP mTzDYfEyYBJiXeOzyMo7oT+U1oK9z6uWVSBJ8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=ldInVSMB9FRO6+Tkvhu5aWrqo600WLZjYe3/QNpQVGAWQkyomT6QVbTPqsjPN9FG3o 0Sm1oWugZcgDYE0Z9xAs7/eZh7/wyBGOQabZCLu4fcqfxuJXZoGHdIuuJHbbFk2ZBpvk jYDBFYl3tekj8ZgLqL21z3y52jtXnjT+RIX4w=
Received: by 10.68.8.105 with SMTP id q9mr28615pba.3.1306970010211; Wed, 01 Jun 2011 16:13:30 -0700 (PDT)
Received: from [192.168.0.50] ([70.133.70.225]) by mx.google.com with ESMTPS id p5sm24202pbd.92.2011.06.01.16.13.28 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 01 Jun 2011 16:13:29 -0700 (PDT)
Message-ID: <4DE6C753.3050300@gmail.com>
Date: Wed, 01 Jun 2011 16:12:19 -0700
From: Dzonatas Sol <dzonatas@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110307 Icedove/3.0.11
MIME-Version: 1.0
To: Dzonatas Sol <dzonatas@gmail.com>
References: <20110531062229.28776.82429.idtracker@ietfa.amsl.com> <0CE9268E-5802-4B0A-B643-F580E7F048B5@mnot.net> <4DE6A061.5050005@gmail.com> <81A4D128-EFD1-4EA5-9311-625552167463@mnot.net> <4DE6AEEA.5090500@gmail.com> <BDD11151-6C79-4F3E-9FAD-3769B4747683@mnot.net> <4DE6B50B.7050803@gmail.com>
In-Reply-To: <4DE6B50B.7050803@gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: Mark Nottingham <mnot@mnot.net>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Fwd: I-D Action: draft-nottingham-http-browser-hints-02.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2011 23:13:31 -0000

For non-.XXX domains, there is also this Assembly approved 
implementation, already: 
http://www.leginfo.ca.gov/pub/11-12/bill/asm/ab_0151-0200/ab_155_bill_20110502_amended_asm_v97.html

That begs the question on how browsers need to implement the wholesaler 
perspective or else what compliant implementations exist due to http 
status code 402 (obvious optimization), which "strict-xhtml" may help 
filter-in currency per state by presence.

On 06/01/2011 02:54 PM, Dzonatas Sol wrote:
> Without my specific implementation, let me point out the implied 
> strictness of the .XXX domain. I've known implementations that try the 
> cookie-cutter approach to create walled gardens around minorities, yet 
> those implementations have only broken families by blind's eye to 
> enforcement of rules that separate kids from parents in any way, 
> especially those in potentially exploited situations or uncontrolled 
> conditions.
>
> Instead of those cookie-cutter cases, the most successful guideline is 
> no age, no sex, and no location. The "strict-xhtml" hint can help 
> balance these well known experiences.
>
> On 06/01/2011 02:38 PM, Mark Nottingham wrote:
>> If you can convince a browser to implement that, great.
>>
>>
>> On 02/06/2011, at 7:28 AM, Dzonatas Sol wrote:
>>
>>> Exactly, thanks.
>>>
>>> In "1.  Introduction":
>>> "
>>>    These are just two examples of common, conservative behaviour by
>>>    browsers that is good for interoperability, but potentially bad for
>>>    performance in certain circumstances.
>>>
>>>    This memo proposes a mechanism whereby a HTTP server can advertise
>>>    hints for browsers (and other clients), so that communication with
>>>    them can be optimised.
>>> "
>>>
>>> Updated for requirements of RFC2119:
>>>
>>> "
>>> Proposed:
>>>
>>> 5.9.  strict-xhtml
>>>
>>>   o  Browser Hint Name: strict-xhtml
>>>   o  Description: Validation SHOULD be enforced by the browser or 
>>> SHOULD be
>>>       required by the HTTP client/server that are related to the 
>>> mechanisms, as
>>>       described by section 1, before any expected requests or 
>>> responses are
>>>       allowed and processed. This hint neither prescribes any 
>>> particular validation
>>>       scheme nor prescribes any methods of invocation either before 
>>> or after any
>>>       given validation scheme.
>>>   o  Value Type: true | false
>>>   o  Contact: mnot@mnot.net
>>> "
>>>
>>>
>>> On 06/01/2011 02:05 PM, Mark Nottingham wrote:
>>>> Browser-hints are targeted at browsers; see the requirements in the 
>>>> draft.
>>>>
>>>>
>>>> On 02/06/2011, at 6:26 AM, Dzonatas Sol wrote:
>>>>
>>>>
>>>>> "
>>>>> Proposed:
>>>>>
>>>>> 5.9.  strict-xhtml
>>>>>
>>>>>    o  Browser Hint Name: strict-xhtml
>>>>>    o  Description: Validation is enforced or is required before 
>>>>> any expected requests
>>>>>        or responses are allowed and processed. This hint neither 
>>>>> prescribes any
>>>>>        particular validation scheme nor prescribes any methods of 
>>>>> invocation either
>>>>>        before or after any given validation scheme.
>>>>>    o  Value Type: true | false
>>>>>    o  Contact: mnot@mnot.net
>>>>> "
>>>>>
>>>>> One example, if an intermediary detects javascript comments within 
>>>>> tags (i.e.<script>// comments</script>,<script>/* comments 
>>>>> */</script>) then those may be changed to XML style comments (<? 
>>>>> comments ?>), removed, or aborted with one of the HTTP status 4XX 
>>>>> codes. That example could be activated by the POST method with 
>>>>> descriptors, and the hint reveals these methods are already 
>>>>> allowed. They were proven comments that were not requested.
>>>>>
>>>>> That hint makes more sense in reverse POST events, gentler like 
>>>>> how sandboxes work yet without specific emulation or virtual 
>>>>> machine code.
>>>>>
>>>>> On 05/30/2011 11:28 PM, Mark Nottingham wrote:
>>>>>
>>>>>> FYI. Diffs at:
>>>>>>    
>>>>>> http://tools.ietf.org/rfcdiff?url2=draft-nottingham-http-browser-hints-02 
>>>>>>
>>>>>>
>>>>>> Changelog:
>>>>>>    - removed Ref header and rearranged referer-based hints
>>>>>>    - added 'prefixlist' value type
>>>>>>    - changed omit-cookies from list of cookie names to prefixlist
>>>>>>    - added caching advice for 404s
>>>>>>
>>>>>> Feedback appreciated, as always.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Begin forwarded message:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> From: internet-drafts@ietf.org
>>>>>>> Date: 31 May 2011 4:22:29 PM AEST
>>>>>>> To: i-d-announce@ietf.org
>>>>>>> Subject: I-D Action: draft-nottingham-http-browser-hints-02.txt
>>>>>>> Reply-To: internet-drafts@ietf.org
>>>>>>>
>>>>>>> A New Internet-Draft is available from the on-line 
>>>>>>> Internet-Drafts directories.
>>>>>>>
>>>>>>>     Title           : HTTP Browser Hints
>>>>>>>     Author(s)       : Mark Nottingham
>>>>>>>     Filename        : draft-nottingham-http-browser-hints-02.txt
>>>>>>>     Pages           : 9
>>>>>>>     Date            : 2011-05-30
>>>>>>>
>>>>>>>    Over time, Web browsers have adapted how they use HTTP based 
>>>>>>> upon
>>>>>>>    common server configurations and behaviours.  While this is 
>>>>>>> necessary
>>>>>>>    in the common case, it can be detrimental for performance and
>>>>>>>    interoperability.
>>>>>>>
>>>>>>>    This document establishes a mechanism whereby origin servers 
>>>>>>> can make
>>>>>>>    available hints for browsers about their preferences and
>>>>>>>    capabilities, without imposing overhead on their interactions or
>>>>>>>    requiring support for them.
>>>>>>>
>>>>>>>    This is intended to allow browsers to safely optimise 
>>>>>>> connections to
>>>>>>>    servers.
>>>>>>>
>>>>>>>
>>>>>>> A URL for this Internet-Draft is:
>>>>>>> http://www.ietf.org/internet-drafts/draft-nottingham-http-browser-hints-02.txt 
>>>>>>>
>>>>>>>
>>>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>>>>
>>>>>>> This Internet-Draft can be retrieved at:
>>>>>>> ftp://ftp.ietf.org/internet-drafts/draft-nottingham-http-browser-hints-02.txt 
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> I-D-Announce mailing list
>>>>>>> I-D-Announce@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>>>>>>> Internet-Draft directories: http://www.ietf.org/shadow.html
>>>>>>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>>>>>>>
>>>>>>>
>>>>>> -- 
>>>>>> Mark Nottingham   http://www.mnot.net/
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> apps-discuss mailing list
>>>>>> apps-discuss@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/apps-discuss
>>>>>>
>>>>>>
>>>>>>
>>>>> -- 
>>>>> --- https://twitter.com/Dzonatas_Sol ---
>>>>> Web Development, Software Engineering, Virtual Reality, Consultant
>>>>>
>>>>> _______________________________________________
>>>>> apps-discuss mailing list
>>>>> apps-discuss@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/apps-discuss
>>>>>
>>>> -- 
>>>> Mark Nottingham   http://www.mnot.net/
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>> -- 
>>> --- https://twitter.com/Dzonatas_Sol ---
>>> Web Development, Software Engineering, Virtual Reality, Consultant
>>>
>> -- 
>> Mark Nottingham   http://www.mnot.net/
>>
>>
>>
>>
>
>


-- 
--- https://twitter.com/Dzonatas_Sol ---
Web Development, Software Engineering, Virtual Reality, Consultant

v2.23.0 | Report a Bug | By Email