Re: [websec] [Ietf-message-headers] HTTP 'Origin' permanent and provisional
SM <sm@resistor.net> Wed, 13 February 2013 20:32 UTC
Return-Path: <sm@resistor.net>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2E0B21F862A; Wed, 13 Feb 2013 12:32:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.575
X-Spam-Level:
X-Spam-Status: No, score=-102.575 tagged_above=-999 required=5 tests=[AWL=0.024, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fq52B15z7SeQ; Wed, 13 Feb 2013 12:32:42 -0800 (PST)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id D968521F8628; Wed, 13 Feb 2013 12:32:42 -0800 (PST)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id r1DKWNAk022825; Wed, 13 Feb 2013 12:32:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1360787550; bh=rKCQeBEaYrM6QabYxf4Be641CyHF8zAzK8R7/pBgjF0=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=2r1JVwcmdmQhVM76wyeXITjKwzJntFNx6ka08T465l21/7k0AtuyQno5nxRlRA3F3 h7CrpuQpGgnPh7xrA+hG9NAfGbBOMiNxkI/gN2sD9o0c4MwRmWGHr7V0C9WE6CZxDk vpHeVyqz4HzetrNzNNBt9I4HKAuY9lh7kZwGQDDk=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1360787550; i=@resistor.net; bh=rKCQeBEaYrM6QabYxf4Be641CyHF8zAzK8R7/pBgjF0=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=MCUI+R3iAdM79XZyCchYaAzJO0zo/ah1Q8G8lfZVWTaEALaV6efBICwB6cP8aqPCy k1qClCLiWGd+WEH3NRhm1hrX99ZQoaL6+7Vr08Edl+2csu76glDMl8qSwgi+JmrQRW AO7GRIKH+uleg/UjH22k4FUY8VGly+O5/1LyYlTQ=
Message-Id: <6.2.5.6.2.20130213122642.0a997470@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Wed, 13 Feb 2013 12:32:12 -0800
To: Julian Reschke <julian.reschke@gmx.de>
From: SM <sm@resistor.net>
In-Reply-To: <511BF66F.5070100@gmx.de>
References: <iljnh8d2cisqlsqvai0662974a0ei71qsn@hive.bjoern.hoehrmann.de> <6.2.5.6.2.20130213113549.0afcce60@resistor.net> <4613980CFC78314ABFD7F85CC3027721119A6FFE@IL-EX10.ad.checkpoint.com> <511BF66F.5070100@gmx.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: websec@ietf.org, Bjoern Hoehrmann <derhoermi@gmx.net>, ietf-message-headers@ietf.org
Subject: Re: [websec] [Ietf-message-headers] HTTP 'Origin' permanent and provisional
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Feb 2013 20:32:44 -0000
Hi Julian, At 12:24 13-02-2013, Julian Reschke wrote: >You make it sound as if it's ok to run two different registries with >partly overlapping values. It's not. It's a bug in the way IANA >handles this. This is what needs to be fixed. It's easier to fix the bug first. The following could be used: "When a new entry is recorded in the permanent message header field registry, IANA will remove any corresponding entries (with the same field name and protocol) from the provisional registry." That avoids overlapping values. Regards, -sm
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… SM
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Julian Reschke
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Yoav Nir
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Julian Reschke
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Barry Leiba
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… SM
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Yoav Nir
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Julian Reschke
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Mark Nottingham
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Julian Reschke
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Bjoern Hoehrmann
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Graham Klyne
- Re: [websec] [Ietf-message-headers] HTTP 'Origin'… Bjoern Hoehrmann