IETF Logo Mail Archive

Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)

Julian Reschke <julian.reschke@gmx.de> Sun, 15 January 2012 22:11 UTC

Return-Path: <julian.reschke@gmx.de>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCCAC21F8474 for <websec@ietfa.amsl.com>; Sun, 15 Jan 2012 14:11:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.603
X-Spam-Level:
X-Spam-Status: No, score=-103.603 tagged_above=-999 required=5 tests=[AWL=-1.004, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pqxnk0HaCKpV for <websec@ietfa.amsl.com>; Sun, 15 Jan 2012 14:11:06 -0800 (PST)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.23]) by ietfa.amsl.com (Postfix) with SMTP id 6452B21F8472 for <websec@ietf.org>; Sun, 15 Jan 2012 14:11:05 -0800 (PST)
Received: (qmail invoked by alias); 15 Jan 2012 22:11:04 -0000
Received: from p5DCC2944.dip.t-dialin.net (EHLO [192.168.178.36]) [93.204.41.68] by mail.gmx.net (mp069) with SMTP; 15 Jan 2012 23:11:04 +0100
X-Authenticated: #1915285
X-Provags-ID: V01U2FsdGVkX1/B4IQRNx3BTBVdG4Tkn+IkhEdwHP9u14UwAIV5FW bv/hkFnm1M2+8i
Message-ID: <4F134EF6.5050208@gmx.de>
Date: Sun, 15 Jan 2012 23:11:02 +0100
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: Adam Barth <ietf@adambarth.com>
References: <4F10CB26.2000206@KingsMountain.com> <CAJE5ia9-_KcDcm1Ac51PQt0XOGXmXnQjabMnDd1QihU_MGkBZA@mail.gmail.com>
In-Reply-To: <CAJE5ia9-_KcDcm1Ac51PQt0XOGXmXnQjabMnDd1QihU_MGkBZA@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jan 2012 22:11:08 -0000

On 2012-01-15 22:53, Adam Barth wrote:
> ...
> It's definitely messy.
>
> I don't think it matters much what we write in this document.  Even if
> we spec quoted-string, I doubt many folks will implement it.  However,
> we can deal with that problem when it comes time to add extension
> values that actually used quoted-string.
> ...

Apologies for the direct question: just 14 days ago you stated that you 
did not implement q-s in Chrome, and that you don't intend to:

AB> Chrome does not (and will not) implement quoted-string for the STS
AB> header for the reasons I've explained previously.  You're welcome to
AB> file bugs, but I'm just going to close them WONTFIX.

That's somewhat different from what you say now.

Is "the extensions do not exist yet" the excuse for not implementing 
what the spec says? Will you be around for fixing Chrome when the first 
bug reports because of broken extensions come in?

Best regards, Julian

v2.23.0 | Report a Bug | By Email