p2: editorial for Expect and 1xx

Mark Nottingham <mnot@mnot.net> Tue, 23 April 2013 07:17 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id A86B921F9458 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 23 Apr 2013 00:17:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.507
X-Spam-Status: No, score=-10.507 tagged_above=-999 required=5 tests=[AWL=0.092, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id tVuc0Aw1RNPk for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 23 Apr 2013 00:17:47 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org []) by ietfa.amsl.com (Postfix) with ESMTP id E10CE21F9457 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 23 Apr 2013 00:17:46 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UUXSz-0004ZY-RC for ietf-http-wg-dist@listhub.w3.org; Tue, 23 Apr 2013 07:16:41 +0000
Resent-Date: Tue, 23 Apr 2013 07:16:41 +0000
Resent-Message-Id: <E1UUXSz-0004ZY-RC@frink.w3.org>
Received: from maggie.w3.org ([]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1UUXSm-0004V0-42 for ietf-http-wg@listhub.w3.org; Tue, 23 Apr 2013 07:16:28 +0000
Received: from mxout-08.mxes.net ([]) by maggie.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1UUXSl-00005m-3T for ietf-http-wg@w3.org; Tue, 23 Apr 2013 07:16:28 +0000
Received: from [] (unknown []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 65DA3509B5 for <ietf-http-wg@w3.org>; Tue, 23 Apr 2013 03:16:05 -0400 (EDT)
From: Mark Nottingham <mnot@mnot.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <D1835993-DE4C-4283-A8B6-C5C00833F3EB@mnot.net>
Date: Tue, 23 Apr 2013 17:16:02 +1000
To: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
X-Mailer: Apple Mail (2.1503)
Received-SPF: pass client-ip=; envelope-from=mnot@mnot.net; helo=mxout-08.mxes.net
X-W3C-Hub-Spam-Status: No, score=-4.3
X-W3C-Hub-Spam-Report: AWL=-2.436, BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1UUXSl-00005m-3T eea74a7c1ae62e34c0a8a9729303d3d9
X-Original-To: ietf-http-wg@w3.org
Subject: p2: editorial for Expect and 1xx
Archived-At: <http://www.w3.org/mid/D1835993-DE4C-4283-A8B6-C5C00833F3EB@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17488
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Editorial stuff related to Expect and 1xx:

* p2 5.1.1 says "A recipient of a syntactically invalid Expectation header field must respond with a 4xx status code other than 417."  We should recommend something specific; e.g., append "(usually, 400 (Bad Request))".

* p2 says "The 100-continue expectation does not use any expect-params."   We should specify that they're to be ignored by recipients.

* p2 "If an origin server receives a request that does not include an Expect header field with the "100-continue" expectation, the request includes a payload body, and the server responds with a final status code before reading the entire payload body from the transport connection, then the server should not close the transport connection until it has read the entire request, or until the client closes the connection. Otherwise, the client might not reliably receive the response message. However, this requirement ought not be construed as preventing a server from defending itself against denial-of-service attacks, or from badly broken client implementations."

This seems out of place (it's about connection management) and largely redundant with the text in p1 6.6.

* p2 6.2 says: "Since HTTP/1.0 did not define any 1xx status codes, servers must not send a 1xx response to an HTTP/1.0 client except under experimental conditions."   Since this applies to proxies forwarding responses, it needs to be mentioned somewhere in p1 too.

* p2 6.2 says:  "Proxies must forward 1xx responses, unless the connection between the proxy and its client has been closed, or unless the proxy itself requested the generation of the 1xx response."   There needs to be a get-out clause for when there's an HTTP/1.0 client; otherwise this requirement is in conflict with the one above.

Mark Nottingham   http://www.mnot.net/