Aug 18, 2012, 9:39:58 PM (7 years ago)

(editorial) a few tweaks to remove ambiguous or meaningless text

1 edited


  • draft-ietf-httpbis/latest/p1-messaging.xml

    r1826 r1829  
    399399   servers are large public websites. That is not the case in practice.
    400400   Common HTTP user agents include household appliances, stereos, scales,
    401    software/firmware updaters, command-line programs, mobile apps,
     401   firmware update scripts, command-line programs, mobile apps,
    402402   and communication devices in a multitude of shapes and sizes.  Likewise,
    403403   common HTTP origin servers include home automation units, configurable
    419419   warning for security or privacy options.  In the few cases where this
    420420   specification requires reporting of errors to the user, it is acceptable
    421    for such reporting to only be visible in an error console or log file.
     421   for such reporting to only be observable in an error console or log file.
    422422   Likewise, requirements that an automated action be confirmed by the user
    423423   before proceeding can me met via advance configuration choices,
    551551   both ends of the relayed connection are closed. Tunnels are used to
    552552   extend a virtual connection through an intermediary, such as when
    553    transport-layer security is used to establish private communication
     553   transport-layer security is used to establish confidential communication
    554554   through a shared firewall proxy.
    938938   requirements for the "https" scheme, except that a default TCP port
    939939   of 443 is assumed if the port subcomponent is empty or not given,
    940    and the TCP connection &MUST; be secured for privacy through the
     940   and the TCP connection &MUST; be secured through the
    941941   use of strong encryption prior to sending the first HTTP request.
    2844    For organizations that have strong privacy requirements for hiding
    2845    internal structures, a proxy or gateway &MAY; combine an ordered
    2846    subsequence of Via header field entries with identical received-protocol
    2847    values into a single such entry. For example,
     2844   A proxy or gateway &MAY; combine an ordered subsequence of Via header
     2845   field entries into a single such entry if the entries have identical
     2846   received-protocol values. For example,
    28492848<figure><artwork type="example">
    37043703<section title="Personal Information" anchor="personal.information">
    3706    HTTP clients are often privy to large amounts of personal information
     3705   HTTP clients are often privy to large amounts of personal information,
     3706   including both information provided by the user to interact with resources
    37073707   (e.g., the user's name, location, mail address, passwords, encryption
    3708    keys, etc.), and &SHOULD; be very careful to prevent unintentional
    3709    leakage of this information.
    3710    We very strongly recommend that a convenient interface be provided
    3711    for the user to control dissemination of such information, and that
    3712    designers and implementers be particularly careful in this area.
    3713    History shows that errors in this area often create serious security
    3714    and/or privacy problems and generate highly adverse publicity for the
    3715    implementer's company.
     3708   keys, etc.) and information about the user's browsing activity over
     3709   time (e.g., history, bookmarks, etc.). HTTP implementations need to
     3710   prevent unintentional leakage of this information.
    38013796   Users need to be aware that intermediaries are no more trustworthy than
    38023797   the people who run them; HTTP itself cannot solve this problem.
    3803 </t>
    3804 <t>
    3805    The judicious use of cryptography, when appropriate, might suffice to
    3806    protect against a broad range of security and privacy attacks. Such
    3807    cryptography is beyond the scope of the HTTP/1.1 specification.
Note: See TracChangeset for help on using the changeset viewer.