IETF Logo Mail Archive

Re: [Ietf-message-headers] HTTP header registration question

Martin Duerst <duerst@it.aoyama.ac.jp> Fri, 28 September 2007 10:57 UTC

Return-path: <ietf-message-headers-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbDWo-0003u5-U8; Fri, 28 Sep 2007 06:57:02 -0400
Received: from ietf-message-headers by megatron.ietf.org with local (Exim 4.43) id 1IbDWn-0003sK-Kg for ietf-message-headers-confirm+ok@megatron.ietf.org; Fri, 28 Sep 2007 06:57:01 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbDWn-0003nH-BD for ietf-message-headers@lists.ietf.org; Fri, 28 Sep 2007 06:57:01 -0400
Received: from scmailgw1.scop.aoyama.ac.jp ([133.2.251.194]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IbDWc-0004VW-Qu for ietf-message-headers@lists.ietf.org; Fri, 28 Sep 2007 06:56:57 -0400
Received: from scmse1.scbb.aoyama.ac.jp (scmse1 [133.2.253.16]) by scmailgw1.scop.aoyama.ac.jp (secret/secret) with SMTP id l8SAtuwR013461 for <ietf-message-headers@lists.ietf.org>; Fri, 28 Sep 2007 19:56:00 +0900 (JST)
Received: from (133.2.206.133) by scmse1.scbb.aoyama.ac.jp via smtp id 19b3_63efed3a_6db1_11dc_9d3b_0014221fa3c9; Fri, 28 Sep 2007 19:55:56 +0900
X-AuthUser: duerst@it.aoyama.ac.jp
Received: from Tanzawa.it.aoyama.ac.jp ([133.2.210.1]:53348) by itmail.it.aoyama.ac.jp with [XMail 1.22 ESMTP Server] id <S15A0B0> for <ietf-message-headers@lists.ietf.org> from <duerst@it.aoyama.ac.jp>; Fri, 28 Sep 2007 19:52:39 +0900
Message-Id: <6.0.0.20.2.20070928194301.0383ab30@localhost>
X-Sender: duerst@localhost
X-Mailer: QUALCOMM Windows Eudora Version 6J
Date: Fri, 28 Sep 2007 19:52:45 +0900
To: Anne van Kesteren <annevk@opera.com>, ietf-message-headers@lists.ietf.org
From: Martin Duerst <duerst@it.aoyama.ac.jp>
Subject: Re: [Ietf-message-headers] HTTP header registration question
In-Reply-To: <op.tza9zqen64w2qv@annevk-t60.oslo.opera.com>
References: <op.tza9zqen64w2qv@annevk-t60.oslo.opera.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4
Cc:
X-BeenThere: ietf-message-headers@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion list for header fields used in Internet messaging applications." <ietf-message-headers.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-message-headers>, <mailto:ietf-message-headers-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-message-headers@ietf.org>
List-Help: <mailto:ietf-message-headers-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-message-headers>, <mailto:ietf-message-headers-request@ietf.org?subject=subscribe>
Errors-To: ietf-message-headers-bounces@ietf.org

Hello Anne,

I have some comments about the document at
http://dev.w3.org/2006/waf/access-control/Overview.html.

First, the title is not easy to understand for people who
aren't totally immersed in the Ajax business. Most Web
Resources are, almost by definition, read accessible.

I'd suggest a title like "Enabling Cross-Domain Read
Access for Web Resources".

I don't understand the sentence:
>>>>
XML resources may include an <?access-control?> processing instruction within the XML Prolog to indicate in cases where the access control read policy applies from which domains they can be fetched. [XML]
>>>>

First, the [XML] reference at the end looks totally out of context.
I know that some style guides say that references should be at the
end of a sentence, but this one is really unreadable. More important,
"in cases where" doesn't make sense.

The only way for me to understand this sentence is that the PI is
interpreted on the server side, before the document is (or actually
is not) sent, but experience with in-document information for server
side has been detrimental (nobody wants to take that performance hit),
so I highly advise against this. If the PI is supposed to apply
client-side, the the above sentence needs heavy rewriting.
Checking whether a document can be downloaded once it's already
downloaded is of course nonsense.

Another point that I don't understand is that the TO-ASCII algorithm
of RFC 3490 is mentioned several times, but the syntax only allows
RFC 3986 URIs or RFC 1034 labels. TO-ASCII only makes sense if you
start with an Unicode string, but RFC 3986 and RFC 1034 are pure
ASCII already. I think it would be good to allow IDNs, but you actually
have to say so.

Regards,    Martin.

At 20:53 07/09/27, Anne van Kesteren wrote:
>Hi,
>
>For a W3C specification "Enabling Read Access for Web Resources" the W3C  
>WAF WG would like to register three HTTP headers: Access-Control,  
>If-Method-Allowed, and Referer-Root (sic). Can I do that as attached or is  
>it preferable to have three separate templates? Also, does the  
>specification itself need to include anything that points back to the  
>header registry, does it need to include the template, etc.? This did not  
>became clear from reading RFC  3864. Thanks for the information!
>
>Kind regards,
>
>
>-- 
>Anne van Kesteren
><http://annevankesteren.nl/>
><http://www.opera.com/>
>
>
>_______________________________________________
>Ietf-message-headers mailing list
>Ietf-message-headers@ietf.org
>https://www1.ietf.org/mailman/listinfo/ietf-message-headers


#-#-#  Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University
#-#-#  http://www.sw.it.aoyama.ac.jp       mailto:duerst@it.aoyama.ac.jp     



_______________________________________________
Ietf-message-headers mailing list
Ietf-message-headers@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-message-headers

v2.23.0 | Report a Bug | By Email