AD review of draft-ietf-httpbis-bcp56bis-12
Francesca Palombini <francesca.palombini@ericsson.com> Fri, 09 July 2021 20:16 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE09C3A2D96 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 9 Jul 2021 13:16:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.948
X-Spam-Level:
X-Spam-Status: No, score=-7.948 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.198, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sPzxWHCyyv0X for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 9 Jul 2021 13:16:37 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CBF53A2D9D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 9 Jul 2021 13:16:37 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1m1wsy-0002YX-1e for ietf-http-wg-dist@listhub.w3.org; Fri, 09 Jul 2021 20:14:16 +0000
Resent-Date: Fri, 09 Jul 2021 20:14:08 +0000
Resent-Message-Id: <E1m1wsy-0002YX-1e@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <francesca.palombini@ericsson.com>) id 1m1wsr-0002Xi-Uo for ietf-http-wg@listhub.w3.org; Fri, 09 Jul 2021 20:14:02 +0000
Received: from mail-db8eur05on2080.outbound.protection.outlook.com ([40.107.20.80] helo=EUR05-DB8-obe.outbound.protection.outlook.com) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <francesca.palombini@ericsson.com>) id 1m1wsm-0001pa-7e for ietf-http-wg@w3.org; Fri, 09 Jul 2021 20:13:58 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=He0q8sQ7IvmxnbDSpoafE3reRnaH6gNZrDoL+CPeQKw0yOBXVFsUUY15n3FshmI1zpY4Py7sZHBu+lVNJe47HU94JQpMmw6dudWBAdC08ATR/0CDehd/TXbUlD8NofayfZnGM3hAtimYdujZ6iggf9YK7nlxDDypq901LqAzHlaXdIuvb3rzuZJh0MOjEHGFjAKY5AmwXpG9JsnGtzlen3gPligIjCnzdzXpujVuxAAC2XOKSgbpZMfmBJXw5ExD7wuc00ZGGHvHNzph5o2ntShXqlbrwlCoFHe9Qzx71e8WxUroaJxOdrZjcCW7fF65DtJqRYfwbG0J+9qXxkiMEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=COWpmHGyC6AdATj6VG0W1mxNiAMVjYcoYNXmJXgcng0=; b=GP3Kn1kimHVB7uik/wr4wACSnN1URnnuU2HXd1BoizZs4zmUc3TdkombpvkgCRlF4kxK7IawEBAhU71Ib8+OlJoveq3XFK3k1QxNudDSv/WOdASjwl3e+zAvk1jYwRNPu9RTDzRE0zjL4B6lVvDneUpsIyNLgZVTkBO0LFrY7FOICZxlxUgG7RsyoDrS3cFYZwKNTZXtgi4cYCaK9wcW7OOww8FWMML28BctYgYRbjoE9cOfxprtfRxaMgWNzLGdJwWQZ8oaXXF4cpkADNodRWqBnZHQ1gO3XRobly49/f2XN1vkv8fDPPLYlroYD7Gicj14DZAxFhbUiQ8TWRZDFQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=COWpmHGyC6AdATj6VG0W1mxNiAMVjYcoYNXmJXgcng0=; b=PLiI/q2pfYC+Lw+QHrIYgNm1ew1FaGkSgR6ampyqGfNABRQuAexTtXa8ojmGCCE4EvFxpcXxgf+6rKTqxDttAuUUdpgnWaQklbPIsg3tTl0GCTY20e985fENhEAYnLAmk3aIQapb5zZvv+3LryKoj1G5CvXzg8KQ8X5DYk5bvhk=
Received: from HE1PR07MB4217.eurprd07.prod.outlook.com (2603:10a6:7:96::33) by HE1PR0701MB3003.eurprd07.prod.outlook.com (2603:10a6:3:4e::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.12; Fri, 9 Jul 2021 20:13:43 +0000
Received: from HE1PR07MB4217.eurprd07.prod.outlook.com ([fe80::6ce5:7088:a9a8:15d9]) by HE1PR07MB4217.eurprd07.prod.outlook.com ([fe80::6ce5:7088:a9a8:15d9%7]) with mapi id 15.20.4308.023; Fri, 9 Jul 2021 20:13:43 +0000
From: Francesca Palombini <francesca.palombini@ericsson.com>
To: "draft-ietf-httpbis-bcp56bis@ietf.org" <draft-ietf-httpbis-bcp56bis@ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Thread-Topic: AD review of draft-ietf-httpbis-bcp56bis-12
Thread-Index: AQHXdP7qVgqlWBJkEEWhFSGn+TYeRg==
Date: Fri, 09 Jul 2021 20:13:43 +0000
Message-ID: <39CA0EC0-4F31-4794-87DF-48280BD2521A@ericsson.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.50.21061301
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1f6bc95a-c899-4371-b3ce-08d943160d04
x-ms-traffictypediagnostic: HE1PR0701MB3003:
x-microsoft-antispam-prvs: <HE1PR0701MB300328C2017CB4B20654D47F98189@HE1PR0701MB3003.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: EQ8fqboVtOgFpF4u5Z0h/vM9lj0DM3ATp264aMkOfE9xeSjnnh1xaCoQrW1Y0GBGaLzc7LFsnG5wGrF/9zx3tqGwBL3Nn2dCsCxRq9QQe/0BAsli+bgkzRz4vepJpOn9rpeYjpIQDaQu3+MxDmeezXWGgCWtY1Nhpn8FRdtT/EJghGRnQVuo9V6q5Lw6YPNtnJp7B4SEWiJTCvqG+mwlytCRG0GWMqvHhTl0ZaLKuQvKaJJiiEnTMVfKw1Otsf82VDjCVZxlLK5ABY6D9iqI7gOltAVP3AX2oWcphuZMD2M97i0B3FwJeV/zO/gxou/3Gi74s3yKdbytuum/fpTVuc16hGPwNiykvbFMfmfnBHNF7SUNz+JwuKyY73LfGxWcFaBI7bXnCZTNkGAi60K0uTG2B93ThUi3oKWhjUJ+187wdIrblpZlgoegZyh9FNxReB6wUPeal+0sBw1TktpN56hK67wl8lNlVRgpuRSnQF0s8vNQGbRFBf9sDmhnqdQ408KJ4PG8rTRhYhwViyU6jA9vVgbJO+7I2cTKhUvKXJ4bu4fhwbTmX6/cKfNL+BjrXtiPv9R8KIGlc15vrs2JPWw4ryprUGzCnXWYGNBeSlsxE7QQj+uXNwxu2/3G145eBP0eXFtr4MGSjOf9h+YeoDIzWvnVh7AkzQclH6bwrsShYkrdYXHDVcOesI+S81Zn+AmHY8gGjUcbnprOsI3k5f+zkm02eTqVCWsDuN+6tVLq89QJXcKmtEqScBEoxkpGd4YMVuZIqSjsqKqogPvmj/GX/L4W23i+nGWFjcZ8UEu2Zzek2L361APi8LDoizJMAESAvIX2QkxziwV90c1pTA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:HE1PR07MB4217.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(39860400002)(366004)(346002)(396003)(66446008)(6506007)(86362001)(38100700002)(66476007)(36756003)(2616005)(66556008)(83380400001)(316002)(71200400001)(6512007)(5660300002)(2906002)(122000001)(8936002)(966005)(76116006)(8676002)(66946007)(33656002)(478600001)(64756008)(6486002)(186003)(110136005)(44832011)(45980500001);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: hXnXe9CM7BiNVZNYJKGp91GoTyY034PmIpcS+32idZG3v+xtmirI+v9+SR/rg4JbPHzgrXI3xbGUdmOIqcSCDBIXXYjMYiQOLmqG4F4LdxTGuZEClW/anQAfYeqOMCh843WZus36TcbiAMcc1JwCY9h21UY2qckVCTIeZt6s22sbnbWDMdfDx18iBzdVmQS11i4NT+K872c1IA/+St0wGU3ZhJPOg+y6GJpTDmkXeFVgtN6IAtdoCBizsVmH63RxxWJevEi4A8e8wxTAk1wzeiia1q4ZGb11XSkqRlK5pTpIVRp+O+p+a+uv4vUCkEmWCbt26CNqFQGuC2EPsfDm8AdSIAZJF8RzfmbOIKEsCzqrQrBLIu2ytwGtcdvv9Msp8fXj0XDu5VnOQ/uC29Jb6aj+MLDHVDOmTOrSA+WvLa2h/B1zUac+r7QMQqAsY7YxuZTOiIcFLLAX5SIG15AKp7pJxw9hRxD3hTihghPmU6BxjI+UFwXgvg6+cIhoptmyJAjCQx3NnBEsyzWYk11Mole4QO4qCU8zpJTAqY1lGd3hKEUAbbku+nYL3NliunuRE0cvmjsr5OIWRC0soyqBhvprRhtTWbRSujav/RQXWNks3Vvf5kaZ2cL2Sv1Fi93bZ0hiw8cbwWTM00f43rDujhpMikzJRXsgUMjU9ImWobCO/a7yjs0+xFBTpk8n8RMvqk4fxtu5n8fdjNhubwv47k1fgNMvnuUGQPA+GWNzoSmX6X7b1uzfNRDmmbkL0LJDiodV08DSx7kuXn/6wA6aZbXGE/VW5KhvRGXgr+voC2/kTA02m/lmhpGKEKDE0BO90D3/iJ7zcLzSgfzsvzQzR/yf6UK5ve6cr7P9aQRF+kCuuQa2pZOZnxR5TbIoUmAbwIPORpdG32fgOvoqJ7iWVmDKCMTovVlQBH0wXSleJVFVp672Ng91LCjFcdMhTawdLSclGiqU2us1sTrA1cHVL6bezImAYrTSxGGZHNeBK6DLBz0wsMGMec3pIYK05mnZ5ZOhCqsJA1EGVhTjgKrN7M1o9N9H/vOTZsH5TFSP+y+oNTPYJ2AeUY9Rmytu4GVP9ugz/gn58L/JZ6oMKyosZ8K8OBY2Mf7/Pr+RbrxQUIldEaxbkP1ICz4wNGWX9llq8pfL5CzkYKuQ6hgbK68XDZw8goCUz2BlpluSefIetPqaD5uphJKrLR/F1ngQCBFf+p0L9aqvUsshugfOZTXNBnMlSgcqzp6Hp5RTnb8NkLOnndw01xBmU24T6fmmIdbMyTIjKSXXIHJQ+dhun9w5vy1bOQLP/d/hkLSdJqbU5sxE8XUs9PNICda1+tT/qYTJdisg28vSMDv5cpjW3iprszFT/AYfNjqwOrSC78TtT3Kf5B+B9ELkqLUqMsithQ4LLJH1DV8ylr8EdsWc/aNC8A==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <234E85364A28F140AFBDB936A88E05B1@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB4217.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1f6bc95a-c899-4371-b3ce-08d943160d04
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2021 20:13:43.5000 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oBUXwtTLOQfsaDpp1BHDDNV9dW0+mAvc0ert7GW17QEVvd2GCFor6qhxQ+nMrer3ro9HdRy4gp6ruhDcBLdXVRDkBkV9TQQkstbCUeyLNIm4gi663Eavmn4742bJn0cj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB3003
Received-SPF: pass client-ip=40.107.20.80; envelope-from=francesca.palombini@ericsson.com; helo=EUR05-DB8-obe.outbound.protection.outlook.com
X-W3C-Hub-DKIM-Status: validation passed: (address=francesca.palombini@ericsson.com domain=ericsson.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-5.3
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.45, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1m1wsm-0001pa-7e c51ab793646acd1c2b3d71665ab3a798
X-Original-To: ietf-http-wg@w3.org
Subject: AD review of draft-ietf-httpbis-bcp56bis-12
Archived-At: <https://www.w3.org/mid/39CA0EC0-4F31-4794-87DF-48280BD2521A@ericsson.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/39004
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi, Thank you for this well written and easy to read document. Here is my review: please handle these minor comments together with the Last Call ones. I have opened an issue with the text below in the github: https://github.com/httpwg/http-extensions/issues/1568 Francesca 1. ----- As noted by the shepherd, the document should point to 3205 in the abstract and in the introduction to mention it obsoletes it. From https://www.ietf.org/standards/ids/checklist/: "If your document obsoletes or updates a previous RFC, then: * Say so in the abstract. * Explain in the introduction how and why this document updates or obsoletes an earlier document." 2. ----- * updates or modifies the IANA registries defined for HTTP. FP: Not completely clear what "update or modify" means. What is the difference between updating and modifying an IANA registry? And I assume in this case updating or modifying only aims to indicate changes to the registry as a whole (for example, adding a new column, changing all values etc), and registering a new value is not considering modifying a registry, is this assumption correct? In any case, it would be good to clarify. 3. ----- [I-D.ietf-httpbis-semantics], but also other specifications as appropriate). FP: I understand the motivation for it, but I don't think this last part of the sentence helps the reader, because of its vagueness. 4. ----- aspects of the protocol's operation; or, it might want to use a different set of methods. FP: "different set of methods" than those it should according to ... (Might use some clarification) 5. ---- Doing so brings more freedom to modify protocol operations, but loses at least a portion of the benefits outlined above, as most HTTP FP: the benefits mentioned here are not specified above, is it those mentioned in section 3.3? 6. ----- Applications using HTTP should not statically require HTTP features that are usually negotiated to be supported by clients. For example, FP: Since this affect interoperability, why is the "should not" not BCP 14 "SHOULD NOT"? 7. ----- This means that in most cases, specifications for applications that use HTTP won't contain its URLs; FP: I am not sure about what "its" refers to. 8. ----- using an already existing one if it's appropriate (e.g., HostMeta [RFC6415]). FP: nit - s/using/use 9. ----- First, status codes are often generated by components other the the FP: nit - replace the first "the" with "then" 10. ----- Common syntactic conventions for message contents include JSON [RFC8259], XML [XML], and CBOR [RFC7049] FP: s/7049/8949 (and update reference) 11. ----- either in the response's content or in a separate header field. When this happens, the relationship between HTTP caching and that lifetime need to be carefully considered, since the response will be used as FP. nit - s/need/needs 12. ----- Section 4.4.2 requires support for 'https' URLs, and discourages the use of 'http' URLs, to provide authentication, integrity and confidentiality, as well as mitigate pervasive monitoring attacks. FP: Section 4.4.2 does not require, but RECOMMENDS the use of https.
- AD review of draft-ietf-httpbis-bcp56bis-12 Francesca Palombini