IETF Logo Mail Archive

Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)

"Manger, James H" <James.H.Manger@team.telstra.com> Mon, 16 January 2012 11:43 UTC

Return-Path: <James.H.Manger@team.telstra.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0908C21F85BB for <websec@ietfa.amsl.com>; Mon, 16 Jan 2012 03:43:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.606
X-Spam-Level:
X-Spam-Status: No, score=0.606 tagged_above=-999 required=5 tests=[AWL=-1.507, BAYES_40=-0.185, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, J_CHICKENPOX_41=0.6, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MYmhu0-JUUIy for <websec@ietfa.amsl.com>; Mon, 16 Jan 2012 03:43:42 -0800 (PST)
Received: from ipxcno.tcif.telstra.com.au (ipxcno.tcif.telstra.com.au [203.35.82.208]) by ietfa.amsl.com (Postfix) with ESMTP id 5553021F85B9 for <websec@ietf.org>; Mon, 16 Jan 2012 03:43:41 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.71,517,1320584400"; d="scan'208";a="58687080"
Received: from unknown (HELO ipcani.tcif.telstra.com.au) ([10.97.216.200]) by ipocni.tcif.telstra.com.au with ESMTP; 16 Jan 2012 22:43:37 +1100
X-IronPort-AV: E=McAfee;i="5400,1158,6590"; a="48439680"
Received: from wsmsg3752.srv.dir.telstra.com ([172.49.40.173]) by ipcani.tcif.telstra.com.au with ESMTP; 16 Jan 2012 22:43:37 +1100
Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3752.srv.dir.telstra.com ([172.49.40.173]) with mapi; Mon, 16 Jan 2012 22:43:37 +1100
From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: "jeff.hodges@kingsmountain.com" <jeff.hodges@kingsmountain.com>, "websec@ietf.org" <websec@ietf.org>, "ietf@adambarth.com" <ietf@adambarth.com>
Date: Mon, 16 Jan 2012 22:43:35 +1100
Thread-Topic: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)
Thread-Index: AczURBTp06ClPUVnR4Cr+UQsEDXPLA==
Message-ID: <587AC02A-BB93-4260-BBEC-EBB649440F4E@team.telstra.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jan 2012 11:43:43 -0000

> agreed. that's why I'm leaning towards spec'g it with quoted-string at this time. It future-proofs the spec

Quoted-string provides no "future-proofing". <token> supports about 77 chars; <quoted-string> adds about 18 more -- there are another 100,000 chars to support (and even more code points) if you actually want future- proofing.

Supporting quoted-string is all about past compromises. It adds no value to a new header.

Consistency with other headers is theoretically valuable, but consistency without the limits (no unicode...) and baggage (ISO8849-1...) of quoted-string would be considerably better.

--
James Manger

v2.23.0 | Report a Bug | By Email