IETF Logo Mail Archive

Re: [websec] AppsDir review of draft-ietf-websec-strict-transport-sec

Julian Reschke <julian.reschke@gmx.de> Tue, 01 May 2012 19:54 UTC

Return-Path: <julian.reschke@gmx.de>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B70E021E8424 for <websec@ietfa.amsl.com>; Tue, 1 May 2012 12:54:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.128
X-Spam-Level:
X-Spam-Status: No, score=-103.128 tagged_above=-999 required=5 tests=[AWL=-0.529, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TbqEDoODJ-tt for <websec@ietfa.amsl.com>; Tue, 1 May 2012 12:54:10 -0700 (PDT)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.23]) by ietfa.amsl.com (Postfix) with SMTP id DD6CB21E8423 for <websec@ietf.org>; Tue, 1 May 2012 12:54:09 -0700 (PDT)
Received: (qmail invoked by alias); 01 May 2012 19:54:08 -0000
Received: from p5DD97D93.dip.t-dialin.net (EHLO [192.168.178.36]) [93.217.125.147] by mail.gmx.net (mp069) with SMTP; 01 May 2012 21:54:08 +0200
X-Authenticated: #1915285
X-Provags-ID: V01U2FsdGVkX1+716Vsv3a7k1uUwrlZcQ5wjeBzXDKwFD9Nv+4/51 5stlNhLTlbjcbn
Message-ID: <4FA03F4D.3050606@gmx.de>
Date: Tue, 01 May 2012 21:53:49 +0200
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120420 Thunderbird/12.0
MIME-Version: 1.0
To: "Murray S. Kucherawy" <msk@cloudmark.com>
References: <9452079D1A51524AA5749AD23E003928106147@exch-mbx901.corp.cloudmark.com> <4F9EC5BD.7000404@gmx.de> <9452079D1A51524AA5749AD23E0039281075DB@exch-mbx901.corp.cloudmark.com> <4F9F9A8D.8080004@gmx.de> <9452079D1A51524AA5749AD23E003928107DBB@exch-mbx901.corp.cloudmark.com>
In-Reply-To: <9452079D1A51524AA5749AD23E003928107DBB@exch-mbx901.corp.cloudmark.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Cc: "draft-ietf-websec-strict-transport-sec@tools.ietf.org" <draft-ietf-websec-strict-transport-sec@tools.ietf.org>, "websec@ietf.org" <websec@ietf.org>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>
Subject: Re: [websec] AppsDir review of draft-ietf-websec-strict-transport-sec
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 May 2012 19:54:10 -0000

On 2012-05-01 15:43, Murray S. Kucherawy wrote:
>> -----Original Message-----
>> From: Julian Reschke [mailto:julian.reschke@gmx.de]
>> Sent: Tuesday, May 01, 2012 1:11 AM
>> To: Murray S. Kucherawy
>> Cc: apps-discuss@ietf.org; websec@ietf.org; draft-ietf-websec-strict-transport-sec@tools.ietf.org
>> Subject: Re: [websec] AppsDir review of draft-ietf-websec-strict-transport-sec
>>
>>> Why not just say "delta-seconds is defined in Section 3.3.2 of
>>> [RFC2616]" and leave out the restatement of the ABNF?  Then it's truly
>>> only specified in one place.
>>
>> That's *exactly* what the prose ABNF rule is doing; except that it
>> makes the in-spec ABNF complete.
>
> Yes, and I'm saying I think that's a risky thing to do.  Granted, in this particular case it's pretty hard to copy and get wrong, but in general it's safer to point to an authoritative definition of something rather than copy it just so it's all local.

Technically it *does* point to the authoritative definition.

Best regards, Julian

v2.23.0 | Report a Bug | By Email