[Editorial Errata Reported] RFC7838 (6481)
RFC Errata System <rfc-editor@rfc-editor.org> Sat, 13 March 2021 00:26 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6D083A0CDD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 12 Mar 2021 16:26:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.67
X-Spam-Level:
X-Spam-Status: No, score=-6.67 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, CTE_8BIT_MISMATCH=1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cT83AKgf0ola for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 12 Mar 2021 16:26:30 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59BFA3A0CE2 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 12 Mar 2021 16:26:30 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1lKs4P-0005pM-Ru for ietf-http-wg-dist@listhub.w3.org; Sat, 13 Mar 2021 00:23:53 +0000
Resent-Date: Sat, 13 Mar 2021 00:23:53 +0000
Resent-Message-Id: <E1lKs4P-0005pM-Ru@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <wwwrun@rfc-editor.org>) id 1lKs4N-0005oi-DC for ietf-http-wg@listhub.w3.org; Sat, 13 Mar 2021 00:23:51 +0000
Received: from rfc-editor.org ([4.31.198.49]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <wwwrun@rfc-editor.org>) id 1lKs4L-0003fO-1r for ietf-http-wg@w3.org; Sat, 13 Mar 2021 00:23:51 +0000
Received: by rfc-editor.org (Postfix, from userid 30) id CABD8F40753; Fri, 12 Mar 2021 16:23:34 -0800 (PST)
To: mnot@mnot.net, mcmanus@ducksong.com, julian.reschke@greenbytes.de, superuser@gmail.com, barryleiba@computer.org, mnot@mnot.net, tpauly@apple.com
X-PHP-Originating-Script: 1005:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: lucaspardue.24.7@gmail.com, ietf-http-wg@w3.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20210313002334.CABD8F40753@rfc-editor.org>
Date: Fri, 12 Mar 2021 16:23:34 -0800
Received-SPF: pass client-ip=4.31.198.49; envelope-from=wwwrun@rfc-editor.org; helo=rfc-editor.org
X-W3C-Hub-Spam-Status: No, score=-6.2
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, CTE_8BIT_MISMATCH=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1lKs4L-0003fO-1r 580110d84065e0c44bd0adea0c3b6720
X-Original-To: ietf-http-wg@w3.org
Subject: [Editorial Errata Reported] RFC7838 (6481)
Archived-At: <https://www.w3.org/mid/20210313002334.CABD8F40753@rfc-editor.org>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38633
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
The following errata report has been submitted for RFC7838, "HTTP Alternative Services". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6481 -------------------------------------- Type: Editorial Reported by: Lucas Pardue <lucaspardue.24.7@gmail.com> Section: 2.4 Original Text ------------- Furthermore, if the connection to the alternative service fails or is unresponsive, the client MAY fall back to using the origin or another alternative service. Note, however, that this could be the basis of a downgrade attack, thus losing any enhanced security properties of the alternative service. Corrected Text -------------- ¯\_(ツ)_/¯ Notes ----- Alt-Svc fall back is described in section 2.4 and mentions security properties, so I was expecting to see something about fall back in the security considerations. This might be implicitly covered by Section 9.3 but it could potentially be made more clear. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7838 (draft-ietf-httpbis-alt-svc-14) -------------------------------------- Title : HTTP Alternative Services Publication Date : April 2016 Author(s) : M. Nottingham, P. McManus, J. Reschke Category : PROPOSED STANDARD Source : HTTP Area : Applications and Real-Time Stream : IETF Verifying Party : IESG
- [Editorial Errata Reported] RFC7838 (6481) RFC Errata System
- Re: [Editorial Errata Reported] RFC7838 (6481) Julian Reschke
- Re: [Editorial Errata Reported] RFC7838 (6481) Ben Schwartz
- Re: [Editorial Errata Reported] RFC7838 (6481) Lucas Pardue
- Re: [Editorial Errata Reported] RFC7838 (6481) Julian Reschke