Re: [apps-discuss] Fwd: I-D Action: draft-nottingham-http-browser-hints-02.txt
Dzonatas Sol <dzonatas@gmail.com> Wed, 01 June 2011 23:13 UTC
Return-Path: <dzonatas@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AB02E06FA for <apps-discuss@ietfa.amsl.com>; Wed, 1 Jun 2011 16:13:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.023
X-Spam-Level:
X-Spam-Status: No, score=-4.023 tagged_above=-999 required=5 tests=[AWL=-2.384, BAYES_00=-2.599, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7OB4+BcHr89A for <apps-discuss@ietfa.amsl.com>; Wed, 1 Jun 2011 16:13:30 -0700 (PDT)
Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 9EFEBE0678 for <apps-discuss@ietf.org>; Wed, 1 Jun 2011 16:13:30 -0700 (PDT)
Received: by pwi5 with SMTP id 5so271223pwi.31 for <apps-discuss@ietf.org>; Wed, 01 Jun 2011 16:13:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=K3AmqB6IuIsoJPe64eSCR/eKsOxi6+t9yL28Jaiu2JY=; b=o98ve1GlIz50l4QD/PeGv99ljsKgxaJhSKQkk7ZbmhUm9SU9iLkSqr/dJDMxjtm8Lg NXy/I+nJZq+4rctd6RjMLxaQsAoDOHdoIF/X2m8cr5n5pgo8pU1DJ43hQkQpcdUWcoJP mTzDYfEyYBJiXeOzyMo7oT+U1oK9z6uWVSBJ8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=ldInVSMB9FRO6+Tkvhu5aWrqo600WLZjYe3/QNpQVGAWQkyomT6QVbTPqsjPN9FG3o 0Sm1oWugZcgDYE0Z9xAs7/eZh7/wyBGOQabZCLu4fcqfxuJXZoGHdIuuJHbbFk2ZBpvk jYDBFYl3tekj8ZgLqL21z3y52jtXnjT+RIX4w=
Received: by 10.68.8.105 with SMTP id q9mr28615pba.3.1306970010211; Wed, 01 Jun 2011 16:13:30 -0700 (PDT)
Received: from [192.168.0.50] ([70.133.70.225]) by mx.google.com with ESMTPS id p5sm24202pbd.92.2011.06.01.16.13.28 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 01 Jun 2011 16:13:29 -0700 (PDT)
Message-ID: <4DE6C753.3050300@gmail.com>
Date: Wed, 01 Jun 2011 16:12:19 -0700
From: Dzonatas Sol <dzonatas@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110307 Icedove/3.0.11
MIME-Version: 1.0
To: Dzonatas Sol <dzonatas@gmail.com>
References: <20110531062229.28776.82429.idtracker@ietfa.amsl.com> <0CE9268E-5802-4B0A-B643-F580E7F048B5@mnot.net> <4DE6A061.5050005@gmail.com> <81A4D128-EFD1-4EA5-9311-625552167463@mnot.net> <4DE6AEEA.5090500@gmail.com> <BDD11151-6C79-4F3E-9FAD-3769B4747683@mnot.net> <4DE6B50B.7050803@gmail.com>
In-Reply-To: <4DE6B50B.7050803@gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: Mark Nottingham <mnot@mnot.net>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Fwd: I-D Action: draft-nottingham-http-browser-hints-02.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2011 23:13:31 -0000
For non-.XXX domains, there is also this Assembly approved implementation, already: http://www.leginfo.ca.gov/pub/11-12/bill/asm/ab_0151-0200/ab_155_bill_20110502_amended_asm_v97.html That begs the question on how browsers need to implement the wholesaler perspective or else what compliant implementations exist due to http status code 402 (obvious optimization), which "strict-xhtml" may help filter-in currency per state by presence. On 06/01/2011 02:54 PM, Dzonatas Sol wrote: > Without my specific implementation, let me point out the implied > strictness of the .XXX domain. I've known implementations that try the > cookie-cutter approach to create walled gardens around minorities, yet > those implementations have only broken families by blind's eye to > enforcement of rules that separate kids from parents in any way, > especially those in potentially exploited situations or uncontrolled > conditions. > > Instead of those cookie-cutter cases, the most successful guideline is > no age, no sex, and no location. The "strict-xhtml" hint can help > balance these well known experiences. > > On 06/01/2011 02:38 PM, Mark Nottingham wrote: >> If you can convince a browser to implement that, great. >> >> >> On 02/06/2011, at 7:28 AM, Dzonatas Sol wrote: >> >>> Exactly, thanks. >>> >>> In "1. Introduction": >>> " >>> These are just two examples of common, conservative behaviour by >>> browsers that is good for interoperability, but potentially bad for >>> performance in certain circumstances. >>> >>> This memo proposes a mechanism whereby a HTTP server can advertise >>> hints for browsers (and other clients), so that communication with >>> them can be optimised. >>> " >>> >>> Updated for requirements of RFC2119: >>> >>> " >>> Proposed: >>> >>> 5.9. strict-xhtml >>> >>> o Browser Hint Name: strict-xhtml >>> o Description: Validation SHOULD be enforced by the browser or >>> SHOULD be >>> required by the HTTP client/server that are related to the >>> mechanisms, as >>> described by section 1, before any expected requests or >>> responses are >>> allowed and processed. This hint neither prescribes any >>> particular validation >>> scheme nor prescribes any methods of invocation either before >>> or after any >>> given validation scheme. >>> o Value Type: true | false >>> o Contact: mnot@mnot.net >>> " >>> >>> >>> On 06/01/2011 02:05 PM, Mark Nottingham wrote: >>>> Browser-hints are targeted at browsers; see the requirements in the >>>> draft. >>>> >>>> >>>> On 02/06/2011, at 6:26 AM, Dzonatas Sol wrote: >>>> >>>> >>>>> " >>>>> Proposed: >>>>> >>>>> 5.9. strict-xhtml >>>>> >>>>> o Browser Hint Name: strict-xhtml >>>>> o Description: Validation is enforced or is required before >>>>> any expected requests >>>>> or responses are allowed and processed. This hint neither >>>>> prescribes any >>>>> particular validation scheme nor prescribes any methods of >>>>> invocation either >>>>> before or after any given validation scheme. >>>>> o Value Type: true | false >>>>> o Contact: mnot@mnot.net >>>>> " >>>>> >>>>> One example, if an intermediary detects javascript comments within >>>>> tags (i.e.<script>// comments</script>,<script>/* comments >>>>> */</script>) then those may be changed to XML style comments (<? >>>>> comments ?>), removed, or aborted with one of the HTTP status 4XX >>>>> codes. That example could be activated by the POST method with >>>>> descriptors, and the hint reveals these methods are already >>>>> allowed. They were proven comments that were not requested. >>>>> >>>>> That hint makes more sense in reverse POST events, gentler like >>>>> how sandboxes work yet without specific emulation or virtual >>>>> machine code. >>>>> >>>>> On 05/30/2011 11:28 PM, Mark Nottingham wrote: >>>>> >>>>>> FYI. Diffs at: >>>>>> >>>>>> http://tools.ietf.org/rfcdiff?url2=draft-nottingham-http-browser-hints-02 >>>>>> >>>>>> >>>>>> Changelog: >>>>>> - removed Ref header and rearranged referer-based hints >>>>>> - added 'prefixlist' value type >>>>>> - changed omit-cookies from list of cookie names to prefixlist >>>>>> - added caching advice for 404s >>>>>> >>>>>> Feedback appreciated, as always. >>>>>> >>>>>> >>>>>> >>>>>> Begin forwarded message: >>>>>> >>>>>> >>>>>> >>>>>>> From: internet-drafts@ietf.org >>>>>>> Date: 31 May 2011 4:22:29 PM AEST >>>>>>> To: i-d-announce@ietf.org >>>>>>> Subject: I-D Action: draft-nottingham-http-browser-hints-02.txt >>>>>>> Reply-To: internet-drafts@ietf.org >>>>>>> >>>>>>> A New Internet-Draft is available from the on-line >>>>>>> Internet-Drafts directories. >>>>>>> >>>>>>> Title : HTTP Browser Hints >>>>>>> Author(s) : Mark Nottingham >>>>>>> Filename : draft-nottingham-http-browser-hints-02.txt >>>>>>> Pages : 9 >>>>>>> Date : 2011-05-30 >>>>>>> >>>>>>> Over time, Web browsers have adapted how they use HTTP based >>>>>>> upon >>>>>>> common server configurations and behaviours. While this is >>>>>>> necessary >>>>>>> in the common case, it can be detrimental for performance and >>>>>>> interoperability. >>>>>>> >>>>>>> This document establishes a mechanism whereby origin servers >>>>>>> can make >>>>>>> available hints for browsers about their preferences and >>>>>>> capabilities, without imposing overhead on their interactions or >>>>>>> requiring support for them. >>>>>>> >>>>>>> This is intended to allow browsers to safely optimise >>>>>>> connections to >>>>>>> servers. >>>>>>> >>>>>>> >>>>>>> A URL for this Internet-Draft is: >>>>>>> http://www.ietf.org/internet-drafts/draft-nottingham-http-browser-hints-02.txt >>>>>>> >>>>>>> >>>>>>> Internet-Drafts are also available by anonymous FTP at: >>>>>>> ftp://ftp.ietf.org/internet-drafts/ >>>>>>> >>>>>>> This Internet-Draft can be retrieved at: >>>>>>> ftp://ftp.ietf.org/internet-drafts/draft-nottingham-http-browser-hints-02.txt >>>>>>> >>>>>>> _______________________________________________ >>>>>>> I-D-Announce mailing list >>>>>>> I-D-Announce@ietf.org >>>>>>> https://www.ietf.org/mailman/listinfo/i-d-announce >>>>>>> Internet-Draft directories: http://www.ietf.org/shadow.html >>>>>>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt >>>>>>> >>>>>>> >>>>>> -- >>>>>> Mark Nottingham http://www.mnot.net/ >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> apps-discuss mailing list >>>>>> apps-discuss@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/apps-discuss >>>>>> >>>>>> >>>>>> >>>>> -- >>>>> --- https://twitter.com/Dzonatas_Sol --- >>>>> Web Development, Software Engineering, Virtual Reality, Consultant >>>>> >>>>> _______________________________________________ >>>>> apps-discuss mailing list >>>>> apps-discuss@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/apps-discuss >>>>> >>>> -- >>>> Mark Nottingham http://www.mnot.net/ >>>> >>>> >>>> >>>> >>>> >>> >>> -- >>> --- https://twitter.com/Dzonatas_Sol --- >>> Web Development, Software Engineering, Virtual Reality, Consultant >>> >> -- >> Mark Nottingham http://www.mnot.net/ >> >> >> >> > > -- --- https://twitter.com/Dzonatas_Sol --- Web Development, Software Engineering, Virtual Reality, Consultant
- [apps-discuss] Fwd: I-D Action: draft-nottingham-… Mark Nottingham
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Dzonatas Sol
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Mark Nottingham
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Dzonatas Sol
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Mark Nottingham
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Dzonatas Sol
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Dzonatas Sol
- Re: [apps-discuss] Fwd: I-D Action: draft-notting… Mykyta Yevstifeyev
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mykyta Yevstifeyev
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Peter Saint-Andre
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mykyta Yevstifeyev
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Barry Leiba
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mykyta Yevstifeyev
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Barry Leiba