Re: [Technical Errata Reported] RFC7232 (5236)

Mark Nottingham <mnot@mnot.net> Thu, 27 August 2020 06:11 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB9873A0D6E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 26 Aug 2020 23:11:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=bUfdLO5j; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=BouPx7e2
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 940EZ8Bge4bM for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 26 Aug 2020 23:11:35 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B18C3A0D6D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 26 Aug 2020 23:11:34 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1kBB5O-0001Mp-78 for ietf-http-wg-dist@listhub.w3.org; Thu, 27 Aug 2020 06:08:34 +0000
Resent-Date: Thu, 27 Aug 2020 06:08:34 +0000
Resent-Message-Id: <E1kBB5O-0001Mp-78@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1kBB5M-0001FE-2k for ietf-http-wg@listhub.w3.org; Thu, 27 Aug 2020 06:08:32 +0000
Received: from out5-smtp.messagingengine.com ([66.111.4.29]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1kBB5K-0002EG-3n for ietf-http-wg@w3.org; Thu, 27 Aug 2020 06:08:31 +0000
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id AAE195C0267; Thu, 27 Aug 2020 02:08:17 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Thu, 27 Aug 2020 02:08:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm3; bh=N 8GArDqv0iarpn0/Jm4s4UZK5JfuKWxtUXIjawuDkBU=; b=bUfdLO5jptQygvi9y ovpZnH9aQcDb9FECzVb5/K5Gyx5WQFJfpqZBNA9g9c1VGWfSQykcXvvCcR4Uqpnj silS+4xKq5U21poCP7aLWPy27U6I/lCEAJSDnJ414ct7sCRamLy6NQ/Z5chvPbGX HAkvFJM9Adun631Z1AIyqioNseWj/dI9Q794fl3Eszswfxy1AIEM2QxG/I3RlpHT 8NHChGg1p+jqBiq4Mrjxuw8bkcBy+jvQTJ+TvLX0FA87bzhd3KriZbxSihgKJ2sL GsYp+vKZp9dCyrAIaoZED+9P8ggtfkpPCv4VFLcrgwzHqYWcplDAwgJO/AOYQ0g3 usn4Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=N8GArDqv0iarpn0/Jm4s4UZK5JfuKWxtUXIjawuDk BU=; b=BouPx7e2IglsAal+Vg0pfep9dMp1eUrEu/Vfgfd+3UvSntZObw9Y+WXWa XHe/GBJHnVDbAcVR3s0V8sJ0JYBHEyNYoXndhQ0bvGO1idy314ysrzlnPUvDCEee kjUpygCnFvwnB8gyxN0LqizLcV9z58FV5Of9lXWZQ7uSJ2CRDwHIjPFdZ15ZuVGQ lCA3F3+T5EDL8qIKpT0TXhkqYdRWBR7M0hynORqxlTLU1z8GY1k4D96EUWaRBNIa /fN2MOMKVR20PuhWzl0N/Osv2lBvzTQPmNX4X4xaFB06AaWwsBousha4F/kPWiEk wpSFzXpWaCHm0aBxOMZuNjf9jkR+Q==
X-ME-Sender: <xms:0E1HX6FwaFSmbp6qyWLs8-xLXV-YsdcLjWKPMruGWPjU929LwyOSsA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedruddvfedguddtfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpegtggfuhfgjfffgkfhfvffosehtqhhmtdhhtddvnecuhfhrohhmpeforghr khcupfhothhtihhnghhhrghmuceomhhnohhtsehmnhhothdrnhgvtheqnecuggftrfgrth htvghrnhepleffvdeuveffffekgefgffeugeehleekkeetjeelhfelkeevkeduieeivedv tefgnecuffhomhgrihhnpehgihhthhhusgdrtghomhdpmhhnohhtrdhnvghtnecukfhppe duudelrddujedrudehkedrvdehudenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgr mhepmhgrihhlfhhrohhmpehmnhhothesmhhnohhtrdhnvght
X-ME-Proxy: <xmx:0E1HX7W2CoArsUHAzuXRkw5ZANc4Poilz2rwb6Khuw9vn28bay79xQ> <xmx:0E1HX0LB8oAPPJtxR6pvfXJb4DmxTcopkvjliDduk00FPthbbSP_VA> <xmx:0E1HX0EBuaq3gE3Ja0qkjvdvOWyi_MlsgHz0TeIN4QeIB2ku5cwHLg> <xmx:0U1HX9g7gB5W4g0kqnLn5K8fOWdd33fEDZcHdzxhA53ZAmVS7yOp-A>
Received: from [192.168.7.30] (119-17-158-251.77119e.mel.static.aussiebb.net [119.17.158.251]) by mail.messagingengine.com (Postfix) with ESMTPA id 315DF3060067; Thu, 27 Aug 2020 02:08:14 -0400 (EDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <f7387a3a-a46e-dd11-d0e1-01a68406587a@gmx.de>
Date: Thu, 27 Aug 2020 16:08:10 +1000
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <5526CD1C-1987-47BC-9C3C-B211E98FD81B@mnot.net>
References: <20180116155124.07618B81F2B@rfc-editor.org> <55475510-2367-435F-8719-77DFBACADE5C@gbiv.com> <1516134882.3375943.1237594864.4C01254F@webmail.messagingengine.com> <991B2144-B092-4CD0-B6F1-6B66E550FC5E@mnot.net> <f7387a3a-a46e-dd11-d0e1-01a68406587a@gmx.de>
To: "Julian F. Reschke" <julian.reschke@gmx.de>, Barry Leiba <barryleiba@computer.org>
X-Mailer: Apple Mail (2.3608.80.23.2.2)
Received-SPF: pass client-ip=66.111.4.29; envelope-from=mnot@mnot.net; helo=out5-smtp.messagingengine.com
X-W3C-Hub-Spam-Status: No, score=-9.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1kBB5K-0002EG-3n f2b8697dc4d78ced72ea890bd49dcdf9
X-Original-To: ietf-http-wg@w3.org
Subject: Re: [Technical Errata Reported] RFC7232 (5236)
Archived-At: <https://www.w3.org/mid/5526CD1C-1987-47BC-9C3C-B211E98FD81B@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37958
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

+1 - Barry, can we please mark this as REJECTED?

> On 20 Aug 2020, at 4:22 pm, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
> Am 29.01.2018 um 02:00 schrieb Mark Nottingham:
>> FWIW, I think the source of confusion here is taking this statement out of context:
>> 
>> """However, if a resource has distinct representations that differ only in their metadata, such as might occur with content negotiation over media types that happen to share the same data format, then the origin server needs to incorporate additional information in the validator to distinguish those representations."""
>> 
>> The complete paragraph is:
>> 
>> """There are a variety of strong validators used in practice. The best are based on strict revision control, wherein each change to a representation always results in a unique node name and revision identifier being assigned before the representation is made accessible to GET. A collision-resistant hash function applied to the representation data is also sufficient if the data is available prior to the response header fields being sent and the digest does not need to be recalculated every time a validation request is received. However, if a resource has distinct representations that differ only in their metadata, such as might occur with content negotiation over media types that happen to share the same data format, then the origin server needs to incorporate additional information in the validator to distinguish those representations."""
>> 
>> I.e., the statement is being made in the context of generating strong validators based only upon the message body, when the headers might also change.
>> 
>> Cheers,
> 
> We tracked this in <https://github.com/httpwg/http-core/issues/163> but
> then decided not to make a change.
> 
> I *believe* we should thus reject this erratum.
> 
> Best regards, Julian
> 

--
Mark Nottingham   https://www.mnot.net/